Cisco Support Community

ASA / PIX Firewall and AAA

Hi,

I have recently been reading the ASA and PIX Firewall Handbook. In this book, I have read that ASA firewall identity requires each user in the enterprise to have his/her own password. Why do we require a password for each one in AAA? Second, how is one user with one computer having IP address 192.168.2.1 associated with a particular password in AAA? Can we simply have one password for all enterprise users?

1 REPLY

Hello Muhammad,

Why do we require a password for each one in AAA?

- AAA is based on a database of users and passwords that can be stored on the ASA/PIX device or on a remote server. The whole purpose of this is to provide a better approach when allowing users access and monitoring what they do on our network.

Imagine a general password for SSH or ASDM access, with 100 users, and one of them is going to leave your company. You will need to let the other 99 users know the new password just because one of them leaves...

So one password per username will be more scalable, flexible and secure!!

How is one user with one computer having IP address 192.168.2.1 associated with a particular password in AAA? Can we simply have one password for all enterprise users?

- With AAA enabled, no, as there will be a dedicated password for EACH username.

Hope this helps,

Julio

Please rate helpful posts!!

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC