PIX authentication from local users

PIX authentication from local users

Post by Krzyszto » Fri, 10 May 2002 22:21:51



Hi,

I found on CCO a sample of enabling local users to be used for AAA. Here is
the page: http://www.cisco.com/warp/customer/110/pix_command.shtml
Then I tried to apply a command: "aaa-server LOCAL protocol local" but
there is no such option. I can only specify radius or tacacs+. I have
PIX515UR with software 6.2(1). Is there any way to accomplish that? TIA.

Krzysztof

 
 
 

PIX authentication from local users

Post by Kevin Stev » Wed, 15 May 2002 03:30:33




>I found on CCO a sample of enabling local users to be used for AAA. Here is
>the page: http://www.cisco.com/warp/customer/110/pix_command.shtml
>Then I tried to apply a command: "aaa-server LOCAL protocol local" but
>there is no such option. I can only specify radius or tacacs+. I have
>PIX515UR with software 6.2(1). Is there any way to accomplish that? TIA.

The local server protocol should be the default, and in fact, it
doesn't appear it can be removed:

bilder(config)# no aaa-server LOCAL protocol local
Change/Remove the 'LOCAL' tag config is not allowed

Once you have local users, you can add something like:

aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL

--

Atomic Gears LLC | http://www.atomicgears.com/