https://community.cisco.com/t5/network-security/asa5510-and-ips-module/m-p/1014051#M917981 <HTML><HEAD></HEAD><BODY><P>We have our ASAs using AAA pointing to a TACACS server.</P><P></P><P>How would it be done in this case?</P></BODY></HTML> Wed, 25 Jun 2008 01:35:50 GMT wilson_1234_2 2008-06-25T01:35:50Z https://community.cisco.com/t5/network-security/asa5510-and-ips-module/m-p/1014049#M917952 <P>We have an ASA 5510 with an IPS module.</P><P></P><P>Can the two be configured for access seperately?</P><P></P><P>For example someone having access to the ASDM can only view the firewall config but edit and manage the IPS module.</P><P></P><P>And the iopposite of view the IDS module and manage the firewall config. </P><P></P><P>The IPS module has its own IP Address.</P><P></P><P></P> Mon, 11 Mar 2019 13:02:39 GMT https://community.cisco.com/t5/network-security/asa5510-and-ips-module/m-p/1014049#M917952 wilson_1234_2 2019-03-11T13:02:39Z https://community.cisco.com/t5/network-security/asa5510-and-ips-module/m-p/1014050#M917965 <HTML><HEAD></HEAD><BODY><P>Yes Wilson, just use separate passwords for each. </P><P></P><P>But just make sure both guys are good friends otherwise the IPS guy could block all traffic for the ASA guy and the ASA guy could shutdown/reset the IPS module using the CLI <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>Regards</P><P></P><P>Farrukh</P></BODY></HTML> Mon, 23 Jun 2008 01:20:20 GMT https://community.cisco.com/t5/network-security/asa5510-and-ips-module/m-p/1014050#M917965 Farrukh Haroon 2008-06-23T01:20:20Z https://community.cisco.com/t5/network-security/asa5510-and-ips-module/m-p/1014051#M917981 <HTML><HEAD></HEAD><BODY><P>We have our ASAs using AAA pointing to a TACACS server.</P><P></P><P>How would it be done in this case?</P></BODY></HTML> Wed, 25 Jun 2008 01:35:50 GMT https://community.cisco.com/t5/network-security/asa5510-and-ips-module/m-p/1014051#M917981 wilson_1234_2 2008-06-25T01:35:50Z https://community.cisco.com/t5/network-security/asa5510-and-ips-module/m-p/1014052#M917996 <HTML><HEAD></HEAD><BODY><P>Hi Wilson,</P><P></P><P>you can add 2 user accounts to the AAA server, one is othorized to manage ASA and the other is othorized to manage IPS module. and you have to configure AAA authentication on the IPS module.</P><P></P><P>B.regards,</P></BODY></HTML> Wed, 25 Jun 2008 09:31:55 GMT https://community.cisco.com/t5/network-security/asa5510-and-ips-module/m-p/1014052#M917996 mohammed_moustafa 2008-06-25T09:31:55Z https://community.cisco.com/t5/network-security/asa5510-and-ips-module/m-p/1014053#M918002 <HTML><HEAD></HEAD><BODY><P>You can have separate usernames for IPS and ASA. To further secure this, you can use Network Access Restrictions (but they sometimes do not work well with security devices as they don't send the complete information). Also the IPS does not support AAA, so there you will have to use local database anyway (thereby isolating things).</P><P></P><P>Regards</P><P></P><P>Farrukh</P></BODY></HTML> Wed, 25 Jun 2008 12:59:36 GMT https://community.cisco.com/t5/network-security/asa5510-and-ips-module/m-p/1014053#M918002 Farrukh Haroon 2008-06-25T12:59:36Z