Re: AAA Authentication Exclude - PIX 515

helpdesk · ‎05-13-2002

Is it possible to configure an exclude statement to allow a workstation on the inside interface access to the PIX console via Telnet without requiring a username and password?

s-doyle · ‎05-20-2002

Even without AAA you’ll need to authenticate the user locally to telnet to the PIX.

helpdesk · ‎05-20-2002

Thank you for replying.

I know that authentication has to take place, for any telnet connection to the PIX. More explaination is required:

I am using RSA SecurID's to telnet into the PIX. I would like to use SnortSAM to automatically apply shunt commands, based on particular events. However, this tool is not able to authenticate into the PIX using a SecurID token. Is it possible to apply a rule that would allow this client to telnet into the PIX with a standard telnet password verses the username and password (that changes every minute) that RSA expects?

ciscomoderator · ‎05-21-2002

Often times complex configuration issues are best addressed in an interactive session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

To utilize the resources at our Technical Assistance Center, please visit http://www.cisco.com/tac and to open a case with one of our TAC engineers, visit http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.