Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
497
Views
0
Helpful
0
Replies

CNA authentication - tacacs

muca
Level 3
Level 3

‎12-09-2013 03:49 PM - edited ‎03-07-2019 05:00 PM

Hi there,

I am trying to get CNA working on a 2960S-24PS-L

I am running CNA versionb 5.8(9) and we use tacacs for authentication.

Haven't managed to get it working. I can telnet to it using my TACACS credentials fine but CNA doesnt work.

Didnt see an option for ip http authentication tacacs or group so went with ip authentication aaa

Anyone seen this problem before?

I also tried to adding

aaa authentication enable default group DSLWG-TACACS

When I add the command above then debugs shows:

LINZJQ-03N-2C29-01#

AAA/BIND(00000026): Bind i/f

AAA/AUTHEN/LOGIN (00000026): Pick method list 'Permanent Local'

Current config:

aaa group server tacacs+ DSLWG-TACACS

server x.x.x.x

aaa authentication login CLI group DSLWG-TACACS enable

aaa authorization console

aaa authorization exec CLI group DSLWG-TACACS if-authenticated

aaa authorization commands 1 CLI group DSLWG-TACACS if-authenticated

aaa authorization commands 5 CLI group DSLWG-TACACS if-authenticated

aaa authorization commands 15 CLI group DSLWG-TACACS if-authenticated

aaa accounting exec CLI start-stop group DSLWG-TACACS

aaa accounting commands 1 default start-stop group DSLWG-TACACS

aaa accounting commands 1 CLI start-stop group DSLWG-TACACS

aaa accounting commands 5 CLI start-stop group DSLWG-TACACS

aaa accounting commands 15 default start-stop group DSLWG-TACACS

aaa accounting commands 15 CLI start-stop group DSLWG-TACACS

ip http server

ip http authentication aaa

no ip http secure-server

Thanks

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card