configuration of AAA on a firewall module

Unanswered Question
Jan 20th, 2009
User Badges:

How to configure AAA on a FWSM (firewall module) on a catalyst C6509.

I need to protect the SSH accès on the firewall.

This is the command line that I use right now but it is not ok think:

aaa-server TEST protocol tacacs+


aaa-server TEST host

key xxx


no aaa authentication telnet console LOCAL

aaa authentication SSH console TEST LOCAL

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Yudong Wu Wed, 01/21/2009 - 14:30
User Badges:
  • Gold, 750 points or more

1. Is AAA server in Inside network or Outside network? you mighit need to specify "interface name" in command 'aaa-server host".

2. Make sure your SSH config is correct.

You can just use LOCAL authentication to test if SSH is working fine.

3. In later code, you can use "test aaa-server" command to test the connectivity between FWSM and AAA server.

4. Make sure FWSM is added as AAA client in AAA server. Shared key is configured the same between FWSM and AAA server.


This Discussion