I have a FWSM blade in a 6506 chassis. I am testing the feasability of being able to have users connect through the firewall and authenticate with an RSA ACE (Auth Manager v6.1 for WIN). I spoke to RSA and the only feedback I received was "the FWSM is not supported by the RSA ACE". It also says this in the FWSM data sheet about SDI. Before I do a lot of setting up and testing is there any way I could get this hardware to work by having the Cisco ACS in between, as the Cisco ACS is supported by the RSA ACE. Note: these are all LAN users, no dial-in, no VPN users.
LAN User A Securid <> FWSM <Tacacs+ or Radius> Cisco ACS <SDI> RSA ACE (AM v6.1)
I found this ACS/RSA doc on the Cisco web site from 2006.
Yes integrating an ACS do to the front end radius or tacacs authentication is supported if you want authentication to be handled by an RSA or some other external Radius server on the backend.
Here is the latest documentation for our ACS 5.2 product which is now supported in vmware, you can always install the software on a virtual machine and run our 90 day evaluation license if you are trying to use this as a proof of concept or want to get more familiar with the product.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...