Firewall ACS Authentication on Outside interface

Unanswered Question
May 20th, 2008

I have pix 535, i want to configure it for ACS authentication, but problem is that, users tries to login from inside interface and ACS located on outside interface of pix firewall.


I have configured the following commands but still not able to get the authentication,



aaa-server TACACS+ protocol tacacs+

aaa-server TACACS+ (inside) host 172.28.x.x x.x.x

aaa-server TACACS+ (inside) host 172.28.x. xx

aaa authentication ssh console TACACS+ LOCAL

aaa authentication serial console LOCAL

aaa authentication enable console TACACS+ LOCAL

aaa authorization command TACACS+

aaa accounting command privilege 15 TACACS+

aaa accounting enable console TACACS+


same configuration is working fine for me with rest of the firewalls of my network bcz ACS and users are located on the same interface side, only this firewall is having problem.


Firewall is not having any thing like source interface like routers have.


Please help me out.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
wasiimcisco Tue, 05/20/2008 - 06:37

sorry i post the wrong configuration, please correct



aaa-server TACACS+ (outside) host 172.28.x.x x.x.x

aaa-server TACACS+ (outside) host 172.28.x. xx



Actions

This Discussion