I believe the ACL's can overlap; the problem is that no ACS user can be a
member of more than one group (in the current revision of ACS)
-pete
-----Original Message-----
From: firewall-wizards-admin_at_honor.icsalabs.com
[mailto:firewall-wizards-admin_at_honor.icsalabs.com]On Behalf Of Melson,
Paul
Sent: Monday, September 08, 2003 4:53 PM
To: Firewall Wizards List
Subject: RE: [fw-wiz] Authentication on PIX.
Yes, but this [apparently] requires using Cisco Secure ACS (Access Control
Server) as the RADIUS server.
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/config
/mngacl.htm#1137235
If memory serves, the one caveat is that the group access-lists can't
overlap.
PaulM
> -----Original Message-----
> I need to enable authentication on the PIX515 for multiple user groups,
each
> group having access to a pre-defined set of services. A user can be part
of
> more than one group.
>
> Can this be done on a PIX with Radius authentication?
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Sep 12 2003
Intro
