Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Flow of authentication and authorization

I have question about the flow of authentication for outbound and inbound users. This relates to how access rules and AAA work together.If I need to allow all users inside to access pop3 on the outside, do I need to create an access rule that follows:

access-list inside_access_in permit tcp any any eq pop3

and also a AAA rule that states:

access-list inside_authorization_TACACS+ deny tcp any any eq pop3

because I have a authorization statement at the end that states:

access-list inside_authorization_TACACS+ permit ip any any

or will the access rule be enough? In other words, how do the access rules and aaa rules work together??

1 REPLY
New Member

Re: Flow of authentication and authorization

I’m pretty sure AAA is checked before the ACL and takes priority.

96
Views
0
Helpful
1
Replies
CreatePlease to create content