ACS 5.1 External Database for Accounting , Authorization for PIX

Unanswered Question
May 3rd, 2010

Hi all

I need a configuration assistance for Cisco Secure ACS 1120 with ACS version 5.1 loaded.

We are using AAA Protocol over TACACS+ for device administration , we are using RSA Token ID Server as a Extrenal Database for the authentication.

We are not able to see the Username Attribute in the Accounting Information as the Authentication is through RSA Secure ID Token Server .

IS there any means of acheiving this ?DO i need to do any changes over RSA or ACS for this to happen

Query 2

How can i do Authorization for PIX/ASA firewalls , where in i am using RSA as the Database and i dont have any users added in the internal hosts.

Kindly help me

Regards

Sree

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ganesh Hariharan Tue, 05/04/2010 - 00:02

Hi all

I need a configuration assistance for Cisco Secure ACS 1120 with ACS version 5.1 loaded.

We are using AAA Protocol over TACACS+ for device administration , we are using RSA Token ID Server as a Extrenal Database for the authentication.

We are not able to see the Username Attribute in the Accounting Information as the Authentication is through RSA Secure ID Token Server .

IS there any means of acheiving this ?DO i need to do any changes over RSA or ACS for this to happen

Query 2

How can i do Authorization for PIX/ASA firewalls , where in i am using RSA as the Database and i dont have any users added in the internal hosts.

Kindly help me

Regards

Sree

Hi Sree,

Check out the below link for pix/asa for authoriazation configuration with ACS

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_guide_chapter09186a00801fd7cb.html#wp676446

Hope to Help !!

Ganesh.H

vanamsreekanth Tue, 05/04/2010 - 00:10

Thanks Ganesh

You are the one among few every time i get a quick reply whenver i post a query

I dont have any internal user database in the ACS and all my Authentication requests are forwarded to RSA , i jus want to get the Username from the ACS and PAssword from the RSA so that i can segregate the USers based on the User name and so that i can have Authorization rules applied using the command sets and USer Groups..

Kindly also help me in the accounting for Extenal Database Authentication

Regards

Sree

Actions

This Discussion