[x]
Posted via EE Mobile

Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.
05/22/2009 at 08:19PM PDT, ID: 24432806 | Points: 500
[x]
Attachment Details

Pix and TACACS (Cisco ACS)

Asked by dissolved in Cisco PIX Firewall

I have had an internal switch successfully authenticating to a windows box running ACS for a while.
In my ACS, the NAS is configured as the switch's IP (192.168.3.254)

I want to have my pix authenticate to the ACS box as well. However, it doesn't seem to work unless I specify the PIX as the NAS, in the ACS box. But I do that, the switch cannot authenticate to ACS anymore.

Can you only have one NAS configured in ACS?  If so, how will other devices authenticate? 
1:
2:
3:
4:
5:
6:
7:
8:

aaa new-model             
aaa authentication login default group tacacs+                                              
aaa authentication login no_tacacs enable                                         
aaa authentication ppp default group tacacs+                                            
aaa authorization exec default group tacacs+                                            
aaa authorization network default group tacacs+                                               
aaa accounting exec default start-stop group tacacs+                                                    
aaa accounting network default start-stop group tacacs+
[+][-]05/23/09 07:12 AM, ID: 24457895

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
 
Loading Advertisement...
20091111-EE-VQP-91 - Hierarchy / EE_QW_3_20080625