configuration of AAA on a firewall module

Unanswered Question
Jan 20th, 2009

How to configure AAA on a FWSM (firewall module) on a Catalyst C6509.

I need to protect the SSH access on the firewall.

This is the command line that I use right now, but it is not OK, I think:

aaa-server TEST protocol tacacs+

exit

aaa-server TEST host 192.168.200.167

key xxx

exit

no aaa authentication telnet console LOCAL

aaa authentication SSH console TEST LOCAL

Yudong Wu Wed, 01/21/2009 - 14:30

1. Is the AAA server in the Inside network or the Outside network? You might need to specify "interface name" in the command "aaa-server host".

2. Make sure your SSH config is correct.

You can just use LOCAL authentication to test if SSH is working fine.

3. In later code, you can use the "test aaa-server" command to test the connectivity between the FWSM and the AAA server.

4. Make sure the FWSM is added as an AAA client in the AAA server, and that the shared key is configured the same between the FWSM and the AAA server.
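
The checklist in the reply above, applied to the configuration from the question, as an added example that is not part of either post. It assumes the TACACS+ server is reached through an interface named inside and that SSH clients sit in 192.168.200.0/24; the values in angle brackets are placeholders.

```cisco
! Added example. Assumptions: interface name "inside", management subnet
! 192.168.200.0/24. <shared-key>, <local-admin>, <tacacs-user> and
! <password> are placeholders, not values from the thread.

! As posted in the question (no interface name on the host line):
!   aaa-server TEST host 192.168.200.167

! Item 1: bind the server to the interface that actually reaches it.
aaa-server TEST protocol tacacs+
aaa-server TEST (inside) host 192.168.200.167
 key <shared-key>
! Item 4: <shared-key> must match the key configured for this FWSM
! on the AAA server, and the FWSM must be defined there as a client.

! A local account, so that the LOCAL method has something to check.
username <local-admin> password <password> privilege 15

! Item 2: SSH itself. Allow only the management subnet on that interface.
ssh 192.168.200.0 255.255.255.0 inside
ssh timeout 10

! Stage 1: prove SSH works with LOCAL authentication alone.
aaa authentication ssh console LOCAL

! Item 3: once SSH works, check the FWSM-to-server path before relying on it.
test aaa-server authentication TEST host 192.168.200.167 username <tacacs-user> password <password>

! Stage 2: switch SSH logins to TACACS+ with LOCAL as fallback.
! LOCAL is consulted only when the server group does not respond,
! not when the server rejects the credentials.
aaa authentication ssh console TEST LOCAL
```

Keep an existing console or SSH session open while moving from stage 1 to stage 2, so a wrong key or interface name does not lock out management access.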
