Firewall Wizards mailing list archives
RE: Authentication on PIX.
From: "Pete Capelli" <pcapelli () nsec net>
Date: Wed, 10 Sep 2003 10:18:23 -0400
I believe the ACL's can overlap; the problem is that no ACS user can be a member of more than one group (in the current revision of ACS) -pete -----Original Message----- From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com]On Behalf Of Melson, Paul Sent: Monday, September 08, 2003 4:53 PM To: Firewall Wizards List Subject: RE: [fw-wiz] Authentication on PIX. Yes, but this [apparently] requires using Cisco Secure ACS (Access Control Server) as the RADIUS server. http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/config /mngacl.htm#1137235 If memory serves, the one caveat is that the group access-lists can't overlap. PaulM
-----Original Message----- I need to enable authentication on the PIX515 for multiple user groups,
each
group having access to a pre-defined set of services. A user can be part
of
more than one group. Can this be done on a PIX with Radius authentication?
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Authentication on PIX. George J. Jahchan, Eng. (Sep 08)
- <Possible follow-ups>
- RE: Authentication on PIX. Melson, Paul (Sep 09)
- RE: Authentication on PIX. Pete Capelli (Sep 12)
- RE: Authentication on PIX. George J. Jahchan, Eng. (Sep 16)