08-18-2004 07:30 AM - edited 02-21-2020 01:18 PM
Has anyone configured this? If so, I would very much appreciate the procedure you used to do it. I presume you also need a TCP connection on port 49 defined in the access list to your ACS servers.
Many thanks in advance,
David
08-18-2004 11:19 AM
David,
I assume you are referring to authenticating admin sessions via TACACS. If not, please let me know.
Assuming so, take a look at the following document:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e71.shtml
The FWSM uses the same CLI as the PIX for this type of setup.
And finally, you do not need an ACL entry allowing TCP/49 to the FWSM. ACLs on the FWSM/PIX only affect traffic going *through* the firewall rather than *to* the firewall. This is the same concept as not having to allow TCP or SSH in your access-list in order to manage the FWSM.
Hope this helps.
Scott
08-19-2004 03:26 AM
Scott,
This is fine, thanks for your help.
David