hi Yatin

thanks for your quick response, i saw already this example

but don't know how to explicit redirect outside user to authenticate/authorize

on radius thru PIX ?

is it documented somewhere

thanks

JYP

Hi

thanks also saw these article but didnt macht with Customer's configuration

Client without VPN client ==== >PIX 6.2 ===AAA==>Radius Server

JYP

What's not matching the requirement? The examples show 'outbound' authentication and authorization, if you need it for INBOUND users, then just changee the commands for inbound.

Is that the concern or something else?

thanks,

yatin

customer applied exactly same setup as reported in article

"performing authentication;authorization and accouting of users through PIX

Versions 5.2 and later"

but still doesnt work so did it really work with Raduis server ?

thanks for any comments

JYP

Hi,

I should have quoted this earlier for clarity, but that is the very first line in the doc on the url I sent;

RADIUS and TACACS+ authentication may be done for FTP, Telnet, and HTTP connections. TACACS+ authorization is supported; RADIUS authorization is not.

Thanks,

yatin

thanks for your response customer finally find a configuration

that works with Radius Authorization !!! even not supported

but is very disapointed about security issue because he need

to apply an access-list whole open in this outside connection

in order to work like

access-list 101 permit tcp any any eq telnet ?

is it the correct configuration and safety one ?

thanks

JYP