Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
396
Views
0
Helpful
1
Replies

ASA / PIX Firewall and AAA

Muhammad Haseeb
Level 1
Level 1

‎01-18-2012 11:15 PM - edited ‎03-11-2019 03:16 PM

Hi,

I am recently reading ASA and PIX Firewll Handbook. In this book, I have read that ASA firewall Identity required Each user in the enterprise his/her own password . Why do we require each one pass word in AAA. Second , How does one user with one computer having IP Adddress 192.168.2.1 is associated with particular password in AAA. Can we simply have one password for all enterprise users?

Labels:
0 Helpful
1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

‎01-18-2012 11:54 PM

Hello Muhammad,

Why do we require each one pass word in AAA?

- AAA is based on a database of user and passwords that can be stored on the ASA/PIX device on a remote server, the whole purpose of this is to provide a better approach when allowing users to access and monitoring what they do on our network.

Imagine yourself a general password for SSH or ASDM access, and there are 100 users, and one of them is going to leave your company.. You will need to let the other 99 users the new password just because one of them leave...

So one password per username will be more scalable,flexible and secure!!

How does one user with one computer having IP Adddress 192.168.2.1 is associated with particular password in AAA. Can we simply have one password for all enterprise users?

-With AAA enabled no as there will be a dedicated password to EACH username.

Hope this helps,

Julio

Please rate helpful posts!!

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card