PIX 501 authentication with LOCAL database
Posted on 2004-09-08
Say I have a host behind a PIX 501 firewall; outside the PIX there is a LAN:
I will use PcAnywhere from a host (say HOST A) on LAN to take control of HOST B.
I would like to perform authentication at the firewall, instead of doing it using Pc Anywhere.
Is it possible to do that WITHOUT using TACACS+ or RADIUS server ? I guess so, since these two should only be a solution for decentralizing database and administrative tasks. I was thinking about using the following command lines:
First: define users in the local DB with:
username <user> password <password> privilege <0-15>
aaa-server LOCAL protocol local
aaa authentication serial|telnet|ssh|http|enable console LOCAL (to enable authentication using local DB)
Am I wrong ? What would happen if I entered these aaa...lines ?