Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

WS-C3548-XL http access via tacacs+

Hi all,

I have to enable login via tacacs+ on some 2950 switches ( ios 12.0(5.2)XU).

actually i can access the home page and i'm authenticated via tacacs at non privileged mode.

The problem is that when i try to open cluster manager it ( a java applet ) ask for a level 15 access username and password. no one tacacs+ or local pair value works.

what i have to do?

commands inserted:

aaa new-model

aaa authentication login default group tacacs+ enable

aaa authentication enable default group tacacs+ enable

aaa authorization exec default group tacacs+ local

aaa authorization network default local

aaa accounting exec default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

........

ip http server

ip http authentication aaa

Thank's

3 REPLIES
New Member

Re: WS-C3548-XL http access via tacacs+

Hi,

We have a bug filed for this issue CSCds27312, but as of now I am not aware of a solution.

Thanks

Sujit

New Member

Re: WS-C3548-XL http access via tacacs+

Bronze

Re: WS-C3548-XL http access via tacacs+

I suggest take out the command line:

aaa authentication enable default group tacacs+ enable

and add these two lines:

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization commands 15 default group tacacs+ if-authenticated

358
Views
0
Helpful
3
Replies