Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
638
Views
0
Helpful
5
Replies

Setting up AAA on PIX515e

hornbeck
Level 1
Level 1

‎05-10-2006 12:47 PM - edited ‎02-21-2020 10:15 AM

Trying to set up AAA on the PIX515e so I assign accounts with different privilege levels for access. I used aaa-model on my routers and it worked fine. I am stuck here. Any advice or direction is greatly welcome! TIA, Gary /

Labels:
0 Helpful
5 Replies 5

sebastan_bach
Level 4
Level 4

‎05-10-2006 02:06 PM

hi gary could u tell me what u are trying to do. i can easily help u out.

set the aaa authentication serial console LOCAL

aaa authorisation command LOAL

create the uses with respective privilege levels.

then with the privilege commands se the commands.

we have show commands ,clear commands and the actual commands eg:access-list

see in pix we can see the show commands at the exec mode as well as the configure mode as well. similarly allowing the clear commadn make sure the user is not allowed to execute the clear configure command. cause then he can overwrite all ur configuration.

tell me ur requirements i can help u out.

regards

sebastan

0 Helpful

hornbeck
Level 1
Level 1
In response to sebastan_bach

‎05-10-2006 02:59 PM

Thank your for your time. I am new to creating accounts with AAA. I simple want to have staff log into this firewall with their name and password. We have presently been using priviledge account for everything.

TIA,

Gary

0 Helpful

Fernando_Meza
Level 7
Level 7
In response to hornbeck

‎05-10-2006 08:01 PM

Hi try the below commands .. NOTE; this will use the local database on the PIX and so you need to cerate the username and passwords on the PIX itself. You could also use a radius server if you like.

aaa-server LOCAL protocol local

aaa authentication http console LOCAL

aaa authentication ssh console LOCAL

aaa authorization command LOCAL

username user password **** privilege

I hope it helps ... please rate it if it does !!!

0 Helpful

hornbeck
Level 1
Level 1
In response to Fernando_Meza

‎05-11-2006 10:04 AM

Thank you very much. I am trying to set up our PIX515e to accept ssh connections with individual user accounts....

TIA,

Gary

0 Helpful

Fernando_Meza
Level 7
Level 7
In response to hornbeck

‎05-11-2006 06:46 PM

yes ... so this should work as long as you open access to yur PIX by ssh ..

ssh ip_address [netmask] [interface_name]

where ip_address is the Ip address(s) allowed to connect

Interface_name is the interface they can connect to i.e inside

I hope it helps .. please rate it if it does !!!

0 Helpful
Customers Also Viewed These Support Documents