We are running an PIX 515 and we use a Cisco ACS 1113 server as our tacacs server for authentication (TACACS). Our department head has decided that he would like our help desk folks to have access to our PIX via PDM so they may be able to view rules in place as well as some other monitoring functions. They can access the PIX via PDM but the issue is that they are at full enable 15 privilege. I need to know if there is a way to give them access to the firewall via PDM with read only permissions or if there would be a way to setup some sort of PIX command authorization with the ACS server so that they cannot make major configuration changes but still permit the senior members of the team the ability to make the changes. If anybody knows if there is any way to limit permissions available to folks via PDM and can either let me know how or point me to the proper documentation I would appreciate it. Thanks in advance.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...