Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

auto proxy fonctionality on PIX

is auto proxy work on PIX like on IOS firewall, customer

wants to use to authenticate users on Raduis server passing thru PIX ?

thanks for any advice

JYP

8 REPLIES
Cisco Employee

Re: auto proxy fonctionality on PIX

New Member

Re: auto proxy fonctionality on PIX

hi Yatin

thanks for your quick response, i saw already this example

but don't know how to explicit redirect outside user to authenticate/authorize

on radius thru PIX ?

is it documented somewhere

thanks

JYP

Gold

Re: auto proxy fonctionality on PIX

Hi -

The following link will be useful to your customer:

http://www.cisco.com/en/US/tech/tk583/tk547/tech_configuration_examples_list.html

Hope this helps --

New Member

Re: auto proxy fonctionality on PIX

Hi

thanks also saw these article but didnt macht with Customer's configuration

Client without VPN client ==== >PIX 6.2 ===AAA==>Radius Server

JYP

Cisco Employee

Re: auto proxy fonctionality on PIX

What's not matching the requirement? The examples show 'outbound' authentication and authorization, if you need it for INBOUND users, then just changee the commands for inbound.

Is that the concern or something else?

thanks,

yatin

New Member

Re: auto proxy fonctionality on PIX

customer applied exactly same setup as reported in article

"performing authentication;authorization and accouting of users through PIX

Versions 5.2 and later"

but still doesnt work so did it really work with Raduis server ?

thanks for any comments

JYP

Cisco Employee

Re: auto proxy fonctionality on PIX

Hi,

I should have quoted this earlier for clarity, but that is the very first line in the doc on the url I sent;

RADIUS and TACACS+ authentication may be done for FTP, Telnet, and HTTP connections. TACACS+ authorization is supported; RADIUS authorization is not.

Thanks,

yatin

New Member

Re: auto proxy fonctionality on PIX

thanks for your response customer finally find a configuration

that works with Radius Authorization !!! even not supported

but is very disapointed about security issue because he need

to apply an access-list whole open in this outside connection

in order to work like

access-list 101 permit tcp any any eq telnet ?

is it the correct configuration and safety one ?

thanks

JYP

130
Views
0
Helpful
8
Replies
CreatePlease to create content