[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 672
  • Last Modified:

ACS 4.1 and ASA 5510 Firewall.

Does anyone know if ACS4.1 can work with ASA5510 with TACACS+ authentication or I have to use RADIUS? Please also provide  me some steps or link on how to go about it if possible.
0
oliverwari
Asked:
oliverwari
  • 2
2 Solutions
 
MikeKaneCommented:
Well, I don't have specific knowledge on that version...  but the ASA will certainly work with TACACS+ for authentication.    

Here are links showing the configuration examples on the ASA with TACACS+, hopefully it will get you going...

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008046f307.shtml
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807349e7.shtml
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800949d6.shtml#csnt-tacacs

0
 
oliverwariAuthor Commented:
What I am trying to do is configure such that the ASA administrator should be logging into the device via the ACS 4.1 server.   The ASA device is reporting an AAA decode failure....server secret mismatch.
0
 
MikeKaneCommented:
TACACS (as well as radius) use a key to provide the encryption between the server and clients.     If the keys don't match, you might see an error like this.  


Here's another excellent paper that's worth a read:
http://www.sans.org/reading_room/whitepapers/networkdevs/understanding_and_implementing_tacacs_117
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now