AAA authentication session to FWSM module

Unanswered Question
Jul 27th, 2010

I need to pose a question:


I understand that the authentication process is managed in the admin context... I presently have the module set up to authenticate with a local account. However, I'd like to configure the telnet session from the switch to the FWSM using AAA.


I have a configuration on the specific contexts that allow me to SSH into the contexts, using AAA authentication, as follows:


aaa-server <group> protocol tacacs+
aaa-server <group> (outside interface) host <ip>
aaa-server <group> (outside interface) host <ip>
aaa auth en con <group> LOCAL
aaa auth ssh con <group> LOCAL


I'm a little leery about modifying the admin context for the type of auth (don't want to lock myself out)...


So, my question is, as long as I can communicate with the TACACS appliance(s) from the admin context, should the config that I'm using work for my telnet session from the switch to the FWSM?


thanks.


bruce         

Bruce Summers Tue, 07/27/2010 - 17:29

Well,


I got it to work up to the point of authenticating the enable access...


So, when I authenticate into user mode to the FWSM, it performs the auth... when I then try to enter exec mode (Enable) it isn't auth aaa... it's using the local database...


thoughts?


bruce
