RE: PIX Question

From: Scott Morris (swm@emanon.com)
Date: Sat Nov 11 2006 - 23:46:13 ART

• Next message: shank shank: "Bgp help"
• Previous message: Lab Rat #109385382: "PIX Question"
• Maybe in reply to: Lab Rat #109385382: "PIX Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Not to be too picky, but a quick jaunt through the Documentation CD may give
you a really good answer:

"We recommend using the aaa authentication match command instead of the aaa
authentication include or exclude command. You cannot use the aaa
authentication include or exclude command and the aaa authentication match
command in the same configuration. The aaa authentication match command uses
an access list to match traffic, and is a more robust command for this
feature."

:)

 
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
#153, CISSP, et al.
CCSI/JNCI-M/JNCI-J
IPExpert VP - Curriculum Development
IPExpert Sr. Technical Instructor
smorris@ipexpert.com
http://www.ipexpert.com
 
 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Lab
Rat #109385382
Sent: Saturday, November 11, 2006 9:34 PM
To: cisco@groupstudy.com; ccielab@groupstudy.com; security@groupstudy.com
Subject: PIX Question

Can someone please explain when to use "aaa authentication INCLUDE" versus
"aaa authentication MATCH"?

I understand how to configure both, I'm just trying to grasp the logic on
why to configure one over the other.from a lab perspective, of course.

Appreciate the help.

Thanks,

Ed

• Next message: shank shank: "Bgp help"
• Previous message: Lab Rat #109385382: "PIX Question"
• Maybe in reply to: Lab Rat #109385382: "PIX Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Dec 01 2006 - 08:05:46 ART