I'm trying to understand what the following command would do:
"aaa accounting include tcp/0 inside 18.104.22.168 255.255.255.255 22.214.171.124 255.255.255.255 TACACS+"
(126.96.36.199 is any old host, 188.8.131.52 is the PIX)
I think I get "include" (create a new rule) & "tcp/0" (the rule specifies all tcp ports).
But 184.108.40.206 (which pix ios 6.3 doc calls local_ip -"host or network of hosts that you want to be authenticated or authorized") - I think that would be the clients. Is that right?
And 220.127.116.11 (called foreign_ip) is not clear at all - The doc calls this foreign_ip - "hosts you want to access the local_ip address". Given that I've defined 18.104.22.168 as the PIX, this seems to have the PIX accessing the clients. Yet if I flip the IP addresses, I get the PIX being the box I want to have authenticated, which also doesn't seem right...
Probably I'm completely missing what circumstances this would be used for. On my network, so far all we use AAA for is logging telnet access into devices, and logging the commands that are executed on the devices, but I know AAA is also used to allow users access to various things...
TIA - Linnea