Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Authentication on PIX.

From: "Pete Capelli" <pcapelli () nsec net>
Date: Wed, 10 Sep 2003 10:18:23 -0400
        I believe the ACL's can overlap; the problem is that no ACS user can be a
member of more than one group (in the current revision of ACS)

-pete

-----Original Message-----
From: firewall-wizards-admin () honor icsalabs com
[mailto:firewall-wizards-admin () honor icsalabs com]On Behalf Of Melson,
Paul
Sent: Monday, September 08, 2003 4:53 PM
To: Firewall Wizards List
Subject: RE: [fw-wiz] Authentication on PIX.


Yes, but this [apparently] requires using Cisco Secure ACS (Access Control
Server) as the RADIUS server.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/config
/mngacl.htm#1137235

If memory serves, the one caveat is that the group access-lists can't
overlap.

PaulM



 -----Original Message-----
I need to enable authentication on the PIX515 for multiple user groups,

each

group having access to a pre-defined set of services. A user can be part

of

more than one group.

Can this be done on a PIX with Radius authentication?

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: