https://community.cisco.com/t5/network-access-control/aaa-authentication-on-pix/m-p/128261#M439253 <P>I want to setup AAA Authentication on PIX using Tacacs+ server. </P><P>I am using CiscoSecure ACS for Windows 2000.</P><P>Can anyone point me in the right direction on how to set this up.</P><P>I also need to setup different user levels. Like one group has full access and other group has ReadOnly. I have it working on my Routers, now I need to set it on my PIX.</P><P></P><P>Thanks for any and all the help.</P><P>Rajeev</P> Sun, 10 Mar 2019 14:10:26 GMT rajeev.gupta 2019-03-10T14:10:26Z https://community.cisco.com/t5/network-access-control/aaa-authentication-on-pix/m-p/128261#M439253 <P>I want to setup AAA Authentication on PIX using Tacacs+ server. </P><P>I am using CiscoSecure ACS for Windows 2000.</P><P>Can anyone point me in the right direction on how to set this up.</P><P>I also need to setup different user levels. Like one group has full access and other group has ReadOnly. I have it working on my Routers, now I need to set it on my PIX.</P><P></P><P>Thanks for any and all the help.</P><P>Rajeev</P> Sun, 10 Mar 2019 14:10:26 GMT https://community.cisco.com/t5/network-access-control/aaa-authentication-on-pix/m-p/128261#M439253 rajeev.gupta 2019-03-10T14:10:26Z https://community.cisco.com/t5/network-access-control/aaa-authentication-on-pix/m-p/128262#M439254 <HTML><HEAD></HEAD><BODY><P>Here is the starting link for that</P><P><A class="jive-link-custom" href="http://www.cisco.com/warp/public/110/pix51.shtml" target="_blank">http://www.cisco.com/warp/public/110/pix51.shtml</A></P><P>Many sample config using PIX and tacacs can be found at</P><P><A class="jive-link-custom" href="http://www.cisco.com/pcgi-bin/Support/browse/psp_view.pl?p=Hardware:PIX&amp;viewall=true" target="_blank">http://www.cisco.com/pcgi-bin/Support/browse/psp_view.pl?p=Hardware:PIX&amp;viewall=true</A></P></BODY></HTML> Wed, 05 Mar 2003 00:23:52 GMT https://community.cisco.com/t5/network-access-control/aaa-authentication-on-pix/m-p/128262#M439254 tepatel 2003-03-05T00:23:52Z https://community.cisco.com/t5/network-access-control/aaa-authentication-on-pix/m-p/128263#M439255 <HTML><HEAD></HEAD><BODY><P>Thanks for the link, it helped alot....</P><P></P><P>now I am able to authentication but not authorization, my "ReadOnly" users are able to get into config mode, and make changes....</P><P></P><P>I need them to be only execute SHOW command and gew other commands, how would I do that....</P><P></P><P>here is my current PIX config....</P><P></P><P></P><P>aaa-server TACACS+ protocol tacacs+ </P><P>aaa-server TACACS+ (inside) host 10.XXX.YYY.ZZ bigkey timeout 10</P><P>aaa-server RADIUS protocol radius </P><P>aaa authentication enable console TACACS+</P><P>aaa authentication http console TACACS+</P><P>aaa authentication telnet console TACACS+</P><P></P><P>-Thanks for all the help...</P><P></P></BODY></HTML> Wed, 05 Mar 2003 16:26:04 GMT https://community.cisco.com/t5/network-access-control/aaa-authentication-on-pix/m-p/128263#M439255 rajeev.gupta 2003-03-05T16:26:04Z