04-23-2001 07:44 AM - edited 02-21-2020 11:19 AM
I am having problems configuring my firewall to use the Secure ACS to authenticate remote users who VPN into the firewall. There isn't much documentation on the commands you need to enter in the firewall, and a lot of the ones I have found don't work on the PIX. I want to authenticate all users that are inbound into our network using our NT database. Any help with PIX commands would be appreciated. Thanks
04-24-2001 01:20 PM
crypto map partner-map client authentication TACACS+
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ (inside) host 0.0.0.0 (Secure ACS IP Address) PIX (Name you gave in Secure ACS) timeout 10
aaa-server RADIUS protocol radius
aaa-server VPN protocol tacacs+
You also need to give "Dial in permissions" to each user in their NT User Account (if you checked that in Secure ACS). This is a good idea because you can control who has access through the VPN.
05-01-2001 07:09 AM
Thanks, that worked. Can you do any kind of accounting on these connections with ACS? It is authenticating, but there is nothing being logged. Thanks