
aaa issue

lyes.ouarti
Level 1

Hi,

I would like to configure ACS to authenticate the SSH access to the PIX firewall using Active Directory (Windows 2003).

Is it possible?

How do I do it?

Thanks.

1 Reply

thiland
Level 3

Yes it is possible.

First, you need to set up a RADIUS server on Win2003 (you can use the built-in Internet Authentication Service (IAS)).

Once you have your RADIUS server configured, create an AAA authentication group for your RADIUS server:

aaa-server AuthOutbound protocol radius

aaa-server AuthOutbound host 172.18.124.111 cisco

Then point your SSH authentication attempts to use RADIUS:

aaa authentication ssh console AuthOutbound

This document details setting up the IAS for VPNs. The concept is the same for shell access.

http://cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00800b6099.shtml

This one explains setting up AAA for SSH:

http://www.cisco.com/warp/public/110/authtopix.shtml#aaaauthsshconfig
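
A config check for the three lines in the reply above, as an added example that is not part of the original post: it confirms that the group named on the `aaa authentication ssh console` line is defined as RADIUS with a host, and flags a short or guessable shared secret such as the sample `cisco`. The function name, the weak-key list and the 16-character minimum are assumptions made for this example.

```python
import re

# Constructed sample: the three configuration lines from the reply above.
SAMPLE_CONFIG = """\
aaa-server AuthOutbound protocol radius
aaa-server AuthOutbound host 172.18.124.111 cisco
aaa authentication ssh console AuthOutbound
"""

# Assumptions for this example: an illustrative weak-key list and minimum length.
WEAK_KEYS = {"cisco", "secret", "password", "radius"}
MIN_KEY_LEN = 16

PROTO_RE = re.compile(r"^aaa-server\s+(\S+)\s+protocol\s+(\S+)", re.I)
# Optional "(if_name)" before "host"; the key, if present, follows the IP directly.
HOST_RE = re.compile(
    r"^aaa-server\s+(\S+)\s+(?:\(\S+\)\s+)?host\s+(\S+)(?:\s+(?!timeout\b)(\S+))?", re.I)
SSH_RE = re.compile(r"^aaa authentication ssh console\s+(\S+)", re.I)


def audit_ssh_aaa(config):
    """Return a list of findings for the SSH console AAA settings in `config`."""
    groups, ssh_group = {}, None
    entry = lambda tag: groups.setdefault(tag, {"protocol": None, "hosts": []})
    for line in config.splitlines():
        line = line.strip()
        if m := SSH_RE.match(line):
            ssh_group = m.group(1)
        elif m := PROTO_RE.match(line):
            entry(m.group(1))["protocol"] = m.group(2).lower()
        elif m := HOST_RE.match(line):
            entry(m.group(1))["hosts"].append((m.group(2), m.group(3)))

    if ssh_group is None:
        return ["no 'aaa authentication ssh console' line"]
    group = groups.get(ssh_group)
    if group is None:
        return [f"ssh console references undefined group {ssh_group!r}"]
    findings = []
    if group["protocol"] != "radius":
        findings.append(f"group {ssh_group!r} is not declared as protocol radius")
    if not group["hosts"]:
        findings.append(f"group {ssh_group!r} has no host line")
    for ip, key in group["hosts"]:
        if key is None:
            findings.append(f"host {ip}: no shared secret")
        elif key.lower() in WEAK_KEYS or len(key) < MIN_KEY_LEN:
            findings.append(f"host {ip}: shared secret is short or guessable")
    return findings
```

The shared secret on the `aaa-server ... host` line has to match the one entered for the PIX as a RADIUS client in IAS, so a finding here means changing it on both sides.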