Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Firewall ACS Authentication on Outside interface

I have pix 535, i want to configure it for ACS authentication, but problem is that, users tries to login from inside interface and ACS located on outside interface of pix firewall.

I have configured the following commands but still not able to get the authentication,

aaa-server TACACS+ protocol tacacs+

aaa-server TACACS+ (inside) host 172.28.x.x x.x.x

aaa-server TACACS+ (inside) host 172.28.x. xx

aaa authentication ssh console TACACS+ LOCAL

aaa authentication serial console LOCAL

aaa authentication enable console TACACS+ LOCAL

aaa authorization command TACACS+

aaa accounting command privilege 15 TACACS+

aaa accounting enable console TACACS+

same configuration is working fine for me with rest of the firewalls of my network bcz ACS and users are located on the same interface side, only this firewall is having problem.

Firewall is not having any thing like source interface like routers have.

Please help me out.

1 REPLY
New Member

Re: Firewall ACS Authentication on Outside interface

sorry i post the wrong configuration, please correct

aaa-server TACACS+ (outside) host 172.28.x.x x.x.x

aaa-server TACACS+ (outside) host 172.28.x. xx

113
Views
0
Helpful
1
Replies
CreatePlease login to create content