I have an issue with a PIX 515E using RADIUS authentication. What I am trying to achieve is to authenticate all users on the inside network when accessing any network on the outside. This firewall is not connected to the internet and is only being used for authentication as our remote site is a shared office space.
I am defining the traffic that needs to be authenticated using the include/exclude commands. What appears to be happening is that the request is sent to the RADIUS server but no replies are being received. The RADIUS server is also receiving multiple authentication requests in the logs on the ACE server. Also, the tcp/0 under the "aaa authentication" statement, if removed, then I get no authentication at all even though I have specified HTTP to be authenticated.
I have attached the config as I have it set up in the lab. Any suggestions would be appreciated.
RADIUS and TACACS+ authentication can be done for FTP, Telnet, and HTTP connections through the Cisco Secure PIX Firewall. Authentication for other less common protocols is usually made to work. TACACS+ authorization is supported. RADIUS authorization is not supported. Changes in PIX 5.2 authentication, authorization, and accounting (AAA) over the earlier version include AAA access list support to control who is authenticated and what resources the user accesses. In PIX 5.3 and later, the authentication, authorization, and accounting (AAA) change over earlier versions of code is that the RADIUS ports are configurable.
Log in to the FXOS chassis manager.
Direct your browser to https://hostname/ and log in using the username and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...