Https with aaa tacacs on 3750 -> impossible to connect

Unanswered Question
Sep 21st, 2006
User Badges:

Hello,


here is my configuration of 3750 :

aaa new-model

aaa group server tacacs+ ACCES

server 10.99.4.1

server 10.99.4.2

!

aaa authentication login default local group ACCES

aaa authentication enable default enable group ACCES

aaa authorization exec default local group ACCES

aaa accounting send stop-record authentication failure

aaa accounting exec default start-stop group ACCES

aaa accounting commands 1 default start-stop group ACCES

aaa accounting commands 15 default start-stop group ACCES


and


no ip http server

ip http authentication aaa

ip http secure-server


and

tacacs-server host 10.99.4.1

tacacs-server host 10.99.4.2

tacacs-server timeout 3

tacacs-server directed-request

tacacs-server key XYZP


No problem to connect with ssh but it doesn't work with https !


When I debug aaa , http and tacacs, it seems that 3750 doesn't send something to acs.


The version is :

"flash:c3750-ipbasek9-mz.122-25.SEE1/c3750-ipbasek9-mz.122-25.SEE1.bin"


Thank you for your help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
b.speltz Wed, 09/27/2006 - 09:01
User Badges:
  • Bronze, 100 points or more

try enabling ip http server authentication

gaganbatra Fri, 09/29/2006 - 06:32
User Badges:

Hi,

Enter the following commands on the switch and let me know if it helps

ip http authentication aaa login-authentication

and ip http authentication aaa exec-authorization.


Thanks

Gagan


Actions

This Discussion