PIX & ACS - AAA Authorization

From: John Elias (jelias_@hotmail.com)
Date: Sun Jul 11 2004 - 22:58:06 GMT-3

• Next message: Adel Abouchaev: "Re: BGP Regular Expression - logic help"
• Previous message: Nick Tucker: "Re: ISIS"
• Next in thread: Devi Mallampalli: "RE: PIX & ACS - AAA Authorization"
• Maybe reply: Devi Mallampalli: "RE: PIX & ACS - AAA Authorization"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

All,

    I have several PIX 525 in different locations. I have setup an ACS
Server. If the ACS server is up, all is fine with authentication and
authorization. If the ACS server goes down, I can authenticate with the
built in pix account. Only problem is authorization. Once I authenticate
with the pix account, I am unable to execute any commands. My question, is
there any other way besides leaving the authorization to LOCAL and moving
some privileges to a lower level (for other users), to have the PIX default
to authorize locally only if the tacacs is not available.

Thanks In Advance,

John E.
CCIE 8150

• Next message: Adel Abouchaev: "Re: BGP Regular Expression - logic help"
• Previous message: Nick Tucker: "Re: ISIS"
• Next in thread: Devi Mallampalli: "RE: PIX & ACS - AAA Authorization"
• Maybe reply: Devi Mallampalli: "RE: PIX & ACS - AAA Authorization"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Aug 01 2004 - 10:11:52 GMT-3