Yes, you'll need to configure the PIX to use AAA and have it speak Radius or TACACS+ to the ACE server:
How to do AAA with the PIX: http://www.cisco.com/warp/public/110/atp52.html Info on Cisco talking to ACE server: http://www.rsasecurity.com/support/guides/imp_pdfs/Cisco_Remote_Access_Serve rs_and_Pix_FW.pdf You can probably get more info from the RSA site. HTH, Kent -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Johnson, Richard (NY Int) Sent: Wednesday, March 13, 2002 7:05 AM To: [EMAIL PROTECTED] Subject: Is this possible? [7:38098] Hi All, Is it possible to do the following.....I have a Citrix server on my internal network which has an outside address via NAT. On the PIX port 1494, ICA client, is open and is obviously allowed to come in. The user is then prompted for a user name and password. Upon entering this information, they are then prompted for the pin and secure ID by our RSA server. My question is this, as opposed to having the Citrix server prompt them for their RSA info I would love for them to prompted by the firewall. Any ideas if it can? Thanks, Rich Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=38138&t=38098 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
