You can refer to the mail that in the archive. With regards Kings
On Sun, Jul 24, 2011 at 5:34 AM, Adil Pasha <[email protected]> wrote: > Hi guys, > > I am testing IOS auth-proxy feature using the following topology in my lab. > > Desktop -----> R9 (IOS auth-proxy) --------> R2 (http server running on > port 8080) > > The problem I am seeing is the port redirection is not working on R9. When > I http to R2 using port 8080 the session completely bypasses router R9 and > no auth-proxy challenge. I believe that is due to the fact that auth-proxy > is enabled on http default port 80. Please let me know if I am wrong. > > When I try my http session to R2 on http port 80 the auth-proxy router R9 > prompts for username/password. I enter the username and password and it gets > authenticated but I do not get the page since R2 http server is running on > port 8080. > > If I change the R2 http server port 8080 to port 80 all works fine as it is > supposed to work. > > Please let me know what am I missing or doing wrong here? > Why the "ip port-map" command is not working on R9? > > ---------------------------------------------------------------- > *ACS configuration:* > > Username = ap-user1 Password = cisco > > priv-lvl=15**** > > proxyacl#1=permit tcp any any eq http**** > > *R9 auth-proxy configuration:* > aaa authentication login default group tacacs+ local > aaa authentication login noAAA none > aaa authorization auth-proxy default group tacacs+ local > aaa accounting auth-proxy default > action-type start-stop > ! > ip auth-proxy auth-proxy-banner http ^C > please enter your username and password > ^C > ip auth-proxy name cisco http inactivity-time 60 > ip admission auth-proxy-banner http ^C > please enter your username and password > ^C > ! > ip port-map http port tcp 8080 > ! > interface GigabitEthernet0/0 > ip address 10.10.10.9 255.255.255.0 > ip auth-proxy cisco > duplex auto > speed auto > ! > ip http server > ip http access-class 61 > ip http authentication aaa > access-list 61 deny any > ! > > *R2 http server configuration:* > ip http server > ip http port 8080 > > > > > Best Regards. > ______________________ > Adil > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
