Remote access VPN with PIX-515E-UR

subbarao.s
Level 1

Is there any provision on the PIX-515E to hold a local user database for authentication, like the VPN Concentrator 3000 series? If yes, how many user accounts can I have locally without any external AAA server? Is it possible for the PIX to authenticate against the Windows NT/Windows 2000 user database directly?

I want to use PIX-515E-UR firewall with 6.3 image for remote access solution. Is it necessary to buy Cisco Secure ACS3.2 for authentication?

Thanks,

Subba Rao

2 Replies

gfullage
Cisco Employee

You can use the local user database within the PIX with 6.3 code. You would configure the following:

crypto map <map-name> client authentication LOCAL

username <username> password <password>

You can have as many "username" commands as you like, there's no theoretical limit other than the maximum size of the config file is 2Meg.

No, the PIX won't authenticate against AD/NT directly, it'll only do Radius or TACACS external authentication. You don't have to buy ACS though, you can just use the inbuilt Windows Radius server (IAS) which comes free with Win2K Server (I believe), then point the PIX at that and IAS will authenticate users out of your AD/NT tree.
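An added example, not part of the original reply: a small Python check that reads a saved PIX configuration and reports, for each crypto map, whether remote-access clients are authenticated against the LOCAL database or an external RADIUS/TACACS+ group. The sample configuration, its names, address and key are constructed placeholders, and the `aaa-server` line layout is assumed to follow PIX 6.3 conventions.

```python
# Constructed sample config (hypothetical names, address and key); not from the thread.
SAMPLE_CONFIG = """\
username alice password PLACEHOLDERHASH1 encrypted privilege 2
username bob password PLACEHOLDERHASH2 encrypted privilege 2
aaa-server IASGROUP protocol radius
aaa-server IASGROUP (inside) host 192.0.2.10 PLACEHOLDER-KEY timeout 10
crypto map remote 20 ipsec-isakmp dynamic dynmap
crypto map remote client authentication LOCAL
crypto map remote interface outside
crypto map branch 20 ipsec-isakmp dynamic dynmap2
crypto map branch client authentication IASGROUP
crypto map partner 20 ipsec-isakmp dynamic dynmap3
crypto map lab 20 ipsec-isakmp dynamic dynmap4
crypto map lab client authentication MISSING
"""


def audit_xauth(config):
    """Return {crypto map name: description of its client authentication source}."""
    users, groups, auth, maps = [], {}, {}, set()
    for line in config.splitlines():
        tok = line.split()
        if len(tok) >= 2 and tok[0] == "username":
            users.append(tok[1])                      # local database entry
        elif len(tok) >= 4 and tok[0] == "aaa-server" and tok[2] == "protocol":
            groups[tok[1]] = tok[3]                   # group tag -> radius / tacacs+
        elif len(tok) >= 4 and tok[:2] == ["crypto", "map"]:
            maps.add(tok[2])
            if len(tok) >= 6 and tok[3:5] == ["client", "authentication"]:
                auth[tok[2]] = tok[5]                 # LOCAL or an aaa-server group tag
    report = {}
    for name in sorted(maps):
        source = auth.get(name)
        if source is None:
            report[name] = "no client authentication configured"
        elif source == "LOCAL":
            report[name] = f"local database ({len(users)} users)"
        elif source in groups:
            report[name] = f"external {groups[source]} group {source}"
        else:
            report[name] = f"undefined aaa-server group {source}"
    return report


if __name__ == "__main__":
    for name, source in audit_xauth(SAMPLE_CONFIG).items():
        print(f"{name}: {source}")
```

A crypto map reported as having no client authentication may simply be a site-to-site map; the report only flags it for review.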

Thank you very much.