Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
402
Views
0
Helpful
2
Replies

cut-thrgh authorization problem with acs and asa

diptanshusingh
Level 1
Level 1

‎02-15-2007 09:51 PM - edited ‎03-10-2019 02:59 PM

hi i have a problem guys.. i am using an asa firewall with cisco acs 3.1. i want to use authorization with cut thrgh proxy using tacacs+..

access-list auth_prxy extended permit ip any any

aaa authentication match auth_prxy inside acs

aaa authorization match auth_prxy inside acs

aaa-server acs protocol tacacs+

aaa-server acs host Server

key secret

when i try it says not authorized.. i was trying to add auth-proxy attribute in acs for tacacs+ but it's not working..

Labels:
0 Helpful
2 Replies 2

Vivek Santuka
Cisco Employee
Cisco Employee

‎02-19-2007 09:13 AM

Hi,

Auth-proxy is an IOS concept.

On Asa cut through authentication is possible.

For Cut through to work you need not add the auth-proxy attribute in ACS. If the user exists and the password is correct, Asa would let the traffic go through.

This might help :-

http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_70/config/fwaaa.htm#wp1043681

Regards,

Vivek

0 Helpful

diptanshusingh
Level 1
Level 1
In response to Vivek Santuka

‎02-19-2007 09:16 AM

Hi vivek

thanks for ur reply.. i had already figured it out.. we can do the authorization also for cut thrgh with the help of shell command authorization using tacacs+..

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents