AAA implementation
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-27-2011 11:40 PM - edited 03-10-2019 05:51 PM
Hi Experts,
I like to implement AAA in my environment. I have an ASA5505. Which is the best AAA server ??? I heard about FREERADIUS, RADIUS,TACACS...
I dont know much about these things.. Iam new to security.... Please guide me....
where do i start????
Thanks,
Vipin
- Labels:
-
AAA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-27-2011 11:48 PM
Hi Vipin,
Choosing a AAA server is entirely your choice and depends on the design as well.
Here is the link that describes the difference between the two protocols.i.e. RADIUS and TACACS+
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml
Radius is free server while for TACACS+ you will have to pay and configure in the ACS
Configuration on ASA will be something like this:
# create a local user account on PIX.
username XXXX password XXXX privilege 15
# define server tag and set deadtime to 0
aaa-server
# define radius servers
aaa-server
# for console/telnet/ssh/http authentication
# LOCAL at the end will let the authentication to fallback to local PIX.
aaa authentication serial console
aaa authentication telnet console
aaa authentication ssh console
aaa authentication http console
#for command accounting.
aaa accounting command
AAA server will vary depending on what you have as a AAA server.
Hope this helps.
Regards,
Anisha
P.S.: Please mark this thread as answered if you feel your query is resolved . Do rate helpful posts.
