I cannot do that, because de ACS is in a network that I do not control.
So, it will be very, very, difficult to sniff the traffic for that network, particularly to and from the ACS.
But, I think this problem in not in the ACS. Because if I put all the switch doing authentication without crossing over the firewall (using the bypass) I will have no problem in authenticating with the tacacs server.
In the other end, if I use the firewall to cross over to the tacacs server, I will not succeed in authenticating with that server.
With these observations, I take that I could have some kind of problem in the ASA that do not let me to authenticate properly with the tacacs server.
If I am doing something wrong, what is it? It´s configuration? It´s network design?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...