Cisco Web interface TACACS Authentication?
I currently am working with Cisco Catalyst 2940-8TF Layer 2 switches with IOS 12.1(22)EA10a .
They are configured for TACACS authentication when connecting to the switch via telnet.
I am trying to set them up so that when the web interface is accessed that it also uses TACACS authentication. It is using the enable password. I have configured the following 2 commands which I expect should work, but instead, when I enter these commands, username/password do not work, nor does the enable password.
ip http server
ip http authentication tacacs
Am I missing something?
**Thanks, I'm out of work for the next 2 days, so I'll post results then
- 1 decade agoFavourite answer
could you post the tacacs+ config - without the server key etc.
also, enable debug tacacs events
capture the output when a user authenticate via http. post anything that may seem relevant.
I did find this bug ID on Cisco's site. Not sure if it is affecting you though.
The ip http authentication enable global configuration command is not saved to the configuration file because this is the default configuration. Therefore, this configuration is lost after a reboot.
The workaround is to manually enter the command again after a reboot. (CSCdv67047)
- Anonymous5 years ago
The Cisco web site is very unhelpful! It's almost as if that $450 router was never made. The 800 series that Cisco lists links to starts at 801, where you have an 800. I think you are screwed and need to interface with it by serial port the old fashioned way. I know I can't get Best Answer as I am your other account. Damn. Looks like you will have to brush up on Cisco and find the literature that came with it (lost months ago).