Solved: How to configure ip http and ip secure server to authenticate against local username database

sstraw · ‎12-04-2013

Hello All.

I am attempting to configure some 2960 series switches to authenticate http and https browser management access against a local username database and cannot get the http or the https server to pop up a challenge response box for a login against the local username database. I just want to authenticate against the local username database only and NOT against a TACACS or ACS server.

The switches are Cisco 2960 model WS-C2960-48TC-L running IOS v12.2(44)SE6 C2960-LANBASEK9-M.

I have added the following configuration statements to the setup:

username JohnDoe priv 15 secret JohnsPassword

aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa authorization network default local

ip http server

ip http secure-server
ip http authentication aaa

When accessing the IP of the switch I am asked if I want a "secure session" and then it goes straight to the switch GUI and doesn't offer a challenge response box to authenticate against the local database. Seems like this should be simple to do. What am I missing?

Thanks in advance for your responses.

Steve

yusuf habibi · ‎12-05-2013

replace this cmd:

ip http authentication aaa to ip http authentication local

Regards,

Habibi

Regards, Habibi

View solution in original post

yusuf habibi · ‎12-05-2013

replace this cmd:

ip http authentication aaa to ip http authentication local

Regards,

Habibi

Regards, Habibi

sstraw · ‎12-05-2013

Habibi,

This worked nicely. The triple A stuff isn't necessary with it. Knew there had to be a "simple" solution.

Thanks.

Steve