AAA implementation

vipinrajrc
Level 3

Hi Experts,

I would like to implement AAA in my environment. I have an ASA5505. Which is the best AAA server? I heard about FREERADIUS, RADIUS, TACACS...

I don't know much about these things. I am new to security. Please guide me.

Where do I start?

Thanks,

Vipin

Thanks and Regards, Vipin

andamani
Cisco Employee

Hi Vipin,

Choosing a AAA server is entirely your choice and depends on the design as well.

Here is the link that describes the difference between the two protocols, i.e. RADIUS and TACACS+:

http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a0080094e99.shtml

Radius is a free server, while for TACACS+ you will have to pay and configure it in the ACS.

Configuration on ASA will be something like this:

# create a local user account on PIX.
username XXXX password XXXX privilege 15

# define server tag and set deadtime to 0
aaa-server [server tag] protocol tacacs+

# define the AAA server host for that server tag
aaa-server [server tag] (inside) host [ip address] [secret key]

# for console/telnet/ssh/http authentication
# LOCAL at the end will let the authentication fall back to the local PIX.
aaa authentication serial console [server tag] LOCAL
aaa authentication telnet console [server tag] LOCAL
aaa authentication ssh console [server tag] LOCAL
aaa authentication http console [server tag] LOCAL

# for command accounting.
aaa accounting command [server tag]

AAA server will vary depending on what you have as a AAA server.

Hope this helps.

Regards,

Anisha

P.S.: Please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.
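
An added example, not part of the reply above and not Cisco's own tooling: a small Python check that reads an ASA-style configuration and flags console authentication lines that name no server group, reference an undefined group, or lack the LOCAL fallback the reply describes. The group names, address, password and sample configuration are constructed for illustration.

```python
import re

# Constructed sample; TACACS-GRP, MISSING-GRP, the address and password are placeholders.
SAMPLE_CONFIG = """\
username admin password CHANGEME privilege 15
aaa-server TACACS-GRP protocol tacacs+
aaa-server TACACS-GRP (inside) host 192.0.2.10
aaa authentication serial console TACACS-GRP LOCAL
aaa authentication ssh console TACACS-GRP LOCAL
aaa authentication telnet console LOCAL
aaa authentication http console MISSING-GRP LOCAL
aaa accounting command TACACS-GRP
"""

def audit_aaa(config):
    """Return findings about 'aaa authentication ... console' lines."""
    groups, hosts, findings = set(), set(), []
    has_local_user = False
    lines = [l.strip() for l in config.splitlines()]
    # First pass: collect defined server groups, groups with a host, local users.
    for line in lines:
        if m := re.match(r"aaa-server (\S+) protocol \S+", line):
            groups.add(m.group(1))
        elif m := re.match(r"aaa-server (\S+) \(\S+\) host \S+", line):
            hosts.add(m.group(1))
        elif re.match(r"username \S+ password ", line):
            has_local_user = True
    # Second pass: check every console authentication line against them.
    for line in lines:
        m = re.match(r"aaa authentication (\S+) console (.+)", line)
        if not m:
            continue
        access, methods = m.group(1), m.group(2).split()
        servers = [x for x in methods if x != "LOCAL"]
        if not servers:
            findings.append(f"{access}: LOCAL only, no AAA server group")
        for g in servers:
            if g not in groups:
                findings.append(f"{access}: group {g} not defined")
            elif g not in hosts:
                findings.append(f"{access}: group {g} has no host")
        if servers and methods[-1] != "LOCAL":
            findings.append(f"{access}: no LOCAL fallback")
        if "LOCAL" in methods and not has_local_user:
            findings.append(f"{access}: LOCAL used but no local username")
    return findings
```

Running `audit_aaa(SAMPLE_CONFIG)` reports the telnet line (no server group) and the http line (undefined group); the serial and ssh lines pass.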