Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

PIX outbound user authentication

PIX by default allow all the user behind the firewall to access Internet, Is they any way to configure PIX to force user to authenticate against PIX local username database ( Instead of TACACS+ and Radius), before accessing the Internet.

Thanks

3 REPLIES

Re: PIX outbound user authentication

Hi,

Unfortuantely, the answer is no for using the local username database. I believe the only features that we can use the local database for is remote access like PPTP and IPSec client access. Tacacs and Radius are the only options for outbound authentication. Sorry. You may want to talk to your local Cisco account team about a feature request if this is something you need/want.

Scott

Community Member

Re: PIX outbound user authentication

Scott,

Could local database work in junction with Virtual HTTP command to get it works???

Thanks

Re: PIX outbound user authentication

Actually, I think I mis-spoke earlier. After making the post, I went back and looked becuase I thoughtr I remembered something being added recently that changed this. Turns out, you can use the Local user database for cut through proxy authentication in later code (6.2 and above). Just specify LOCAL in the "group_tag" parameter. See the following - http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/ab.htm#1111727

Sorry about that!

Scott

172
Views
0
Helpful
3
Replies
CreatePlease to create content