Firewall Wizards mailing list archives
RE: How AAA in PIX Firewall ?
From: "Melson, Paul" <PMelson () sequoianet com>
Date: Wed, 3 Dec 2003 17:18:06 -0500
-----Original Message-----
1- How to implement AAA (Authentication, Authorization, Accounting) in PIX firewall. I now that Cisco have the "Cisco Secure Access Control Server" for AAA but is very expensive. Is possible to implement AAA without "Cisco Secure ACS" in PIX firewall, if is possible what will bee the limitations ?
The PIX will work with any standard RADIUS or TACACS server such as Microsoft IAS or FreeRADIUS. You only need Secure ACS for certain applications. Basic user authentication does not require Secure ACS.
2- Is PIX 506 sufficient to me, or I need the next PIX 515-UR? I need at less 75 concurrent VPN connections.
The 506 is EOL, so I wasn't able to look up its capacity. The 506E (which is what you would have if you bought one in the last year or two), supports a maximum of 25 simultaneous IKE SAs, which doesn't meet your criteria. The next model up is the Cisco 515E which, with the VPN accelerator card that is included with an unrestricted (UR) bundle, can handle 2,000 simultaneous IKE SAs. PaulM _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- How AAA in PIX Firewall ? Adel Guia Cruz (Dec 03)
- RE: How AAA in PIX Firewall ? Wes Noonan (Dec 03)
- <Possible follow-ups>
- RE: How AAA in PIX Firewall ? Melson, Paul (Dec 03)
- RE: How AAA in PIX Firewall ? Adel Guia Cruz (Dec 06)
- RE: How AAA in PIX Firewall ? Wes Noonan (Dec 06)
- RE: How AAA in PIX Firewall ? Ray Burkholder (Dec 11)
- RE: How AAA in PIX Firewall ? Wes Noonan (Dec 06)
- RE: How AAA in PIX Firewall ? Adel Guia Cruz (Dec 06)
- RE: How AAA in PIX Firewall ? Wes Noonan (Dec 06)