Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

strange problem with cut-through proxy

hi

i have configured cut- through proxy on the router with acs.i am facing a strange problem .

my routers's ethernet 3/0 interface ip add is 10.1.1.1/24 and the acs server is 10.1.1.2/24 and the host ip is 10.1.1.3/24

my routers' e2/0 interface is connected a server running a website .

int e2/0

no shutdown

ip add 20.1.1.1/24

exit

the webserver is running on 20.1.1.2

my router's config

aaa new-model

aaa authentication login default group tacacs+

aaa authorization auth-proxy default group tacacs+

aaa authorization exec default group tacacs+

tacacs-server host 10.1.1.2

tacacs-server key cisco

ip http server

ip http authentication aaa

ip access-list 101 permit tcp host 10.1.1.2 eq tacacs host 10.1.1.1

ip auth-proxy name auth http

int e3/0

no shutdown

ip add 10.1.1.1/24

ip access-group 101 in

ip auth-proxy auth

exit

on the acs server in the tacacs+ ios

i have selected auth-proxy in the services for users and groups

i have created a user john with privilege level 15

have selected auth-proxy and custom attributes

proxyacl#1=permit tcp any any priv-lvl=15

i get the auth-proxy login page when the host on 10.1.1.3 is trying to access 20.1.1.2 web site .

after putting the login credentials i get authentication failed

i tried the debug. i see the router is sending the authentication login and password and getting the status from the acs as pass. i also see the auth-proxy triggered. in there i see

AUTH-PROXY PROTOCOL NOT CONFIGURED.

could someone pls help me what could be the problem. i am have tried many times to get this work. but not fortunate enough.

am i missing on any commands on the router or on the acs. i tried doing as the example mentioned in the student guide but still failed. pls help. waiting for some reply.

sebastan

1 REPLY
Silver

Re: strange problem with cut-through proxy

120
Views
0
Helpful
1
Replies