Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Https with aaa tacacs on 3750 -> impossible to connect

Hello,

here is my configuration of 3750 :

aaa new-model

aaa group server tacacs+ ACCES

server 10.99.4.1

server 10.99.4.2

!

aaa authentication login default local group ACCES

aaa authentication enable default enable group ACCES

aaa authorization exec default local group ACCES

aaa accounting send stop-record authentication failure

aaa accounting exec default start-stop group ACCES

aaa accounting commands 1 default start-stop group ACCES

aaa accounting commands 15 default start-stop group ACCES

and

no ip http server

ip http authentication aaa

ip http secure-server

and

tacacs-server host 10.99.4.1

tacacs-server host 10.99.4.2

tacacs-server timeout 3

tacacs-server directed-request

tacacs-server key XYZP

No problem to connect with ssh but it doesn't work with https !

When I debug aaa , http and tacacs, it seems that 3750 doesn't send something to acs.

The version is :

"flash:c3750-ipbasek9-mz.122-25.SEE1/c3750-ipbasek9-mz.122-25.SEE1.bin"

Thank you for your help.

2 REPLIES
Bronze

Re: Https with aaa tacacs on 3750 -> impossible to connect

try enabling ip http server authentication

Community Member

Re: Https with aaa tacacs on 3750 -> impossible to connect

Hi,

Enter the following commands on the switch and let me know if it helps

ip http authentication aaa login-authentication

and ip http authentication aaa exec-authorization.

Thanks

Gagan

452
Views
0
Helpful
2
Replies
CreatePlease to create content