Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
581
Views
0
Helpful
1
Replies

Catalyst 2950 failed http authentication with tacacs+

ksum
Level 1
Level 1

‎10-07-2003 04:16 PM - edited ‎03-02-2019 10:50 AM

I have a 2950 running IOS 12.1.13(EA1) with the following config.

I have a tacacs+ server setup for authentication for the switch. When I telnet into the switch, it prompts me for username and password which works fine. When i add the authentication for http management side of the switch. It says 'authentication failed' I have tried creating different username and password it still fails. If i use the local authentication instead of the tacacs+ for logging in using a web browser it will work fine. I have download the java client from cisco's website but still same problem. I also use the "debug ip http authentication" but messages are no assistance.

Can anyone explain this? is there something wrong with the config?

-------------------------------------------

aaa new-model

aaa authentication login default group tacacs+ local

aaa authorization exec default if-authenticated

aaa authorization network default if-authenticated

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

ip http server

ip http authentication aaa tacacs+

---------------------------------------

Labels:
0 Helpful
1 Reply 1

didyap
Level 6
Level 6

‎10-13-2003 12:06 PM

Try changing ip http authentication aaa tacacs+ to

ip http authentication aaa

tacacs-server host single-connection

tacacs-server key ********

Also take a look at the outputs of debug ip http and debug aaa authentication which might give you some messages.

0 Helpful
Customers Also Viewed These Support Documents