Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ip http authentication aaa login-authentication doesnt work

I have "ip tacacs source-interface Vlan1 " in my config because without it enabled I cant ssh in with tacacs. However, with that line in the config, I cant access via https unless I have the line "ip http authentication local"

4 REPLIES

Re: ip http authentication aaa login-authentication doesnt work

For http access , the user should have privilege level 15. This is how you enable it on acs.

Bring users/groups in at level 15

1. Go to user or group setup in ACS

2. Drop down to "TACACS+ Settings"

3. Place a check in "Shell (Exec)"

4. Place a check in "Privilege level" and enter "15" in the adjacent field

Regards,

~JG

Do rate helpful posts

New Member

Re: ip http authentication aaa login-authentication doesnt work

This is NOT the problem. All other switches except for the 10 we have to put the "ip tacacs source-interface Vlan1" work just fine when accessed via https using tacacs.

Re: ip http authentication aaa login-authentication doesnt work

Then this is something you should have included in your first port.

Thanks for using rating system.

Re: ip http authentication aaa login-authentication doesnt work

One small query, suppose you don't have the "ip http authentication local" statement in your config ... now when you try to login via HTTP, do you see any logs ( failed attempts or successfull) on the ACS server ?

346
Views
2
Helpful
4
Replies