Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to configure ip http and ip secure server to authenticate against local username database

Hello All.

I am attempting to configure some 2960 series switches to authenticate http and https browser management access against a local username database and cannot get the http or the https server to pop up a challenge response box for a login against the local username database. I just want to authenticate against the local username database only and NOT against a TACACS or ACS server.

The switches are Cisco 2960 model WS-C2960-48TC-L running IOS v12.2(44)SE6 C2960-LANBASEK9-M.

I have added the following configuration statements to the setup:

username JohnDoe priv 15 secret JohnsPassword

aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa authorization network default local

ip http server

ip http secure-server
ip http authentication aaa

         

When accessing the IP of the switch I am asked if I want a "secure session" and then it goes straight to the switch GUI and doesn't offer a challenge response box to authenticate against the local database. Seems like this should be simple to do. What am I missing?

Thanks in advance for your responses.

Steve

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

How to configure ip http and ip secure server to authenticate ag

replace this cmd:

ip http authentication aaa to ip http authentication local

Regards,

Habibi

Regards, Habibi
2 REPLIES
New Member

How to configure ip http and ip secure server to authenticate ag

replace this cmd:

ip http authentication aaa to ip http authentication local

Regards,

Habibi

Regards, Habibi
New Member

How to configure ip http and ip secure server to authenticate ag

Habibi,

This worked nicely. The triple A stuff isn't necessary with it. Knew there had to be a "simple" solution.

Thanks.

Steve

1013
Views
0
Helpful
2
Replies