NRF. I am just about to setup a PIX 515 with the Cisco VPN client and the ias ( WIN2K RADIUS SERVER ). From my understanding the VPN client has a group login then the user will be prompted for a username/password that the PIX will pass to the IAS server using Radius. That will be authenticated against the Win username / password database (used to be called SAM ??) on the IAS server.
I believe that this is authentication. Not sure how authorisation is achieved. How do you tie in the access-list to that individual user ?? Is this the setup you have got going ?? Do you have any problems implementing it ?? PS - I have setup PIXs before but only with simple policies... Best Regards, Darren M > -----Original Message----- > From: nrf [SMTP:[EMAIL PROTECTED]] > Sent: Wednesday, April 24, 2002 3:57 AM > To: [EMAIL PROTECTED] > Subject: Re: PIX and AAA [7:42302] > > Well, actually, the Pix does support a very limited amount of Radius > authorization. It's only for users going through the Pix, not > administrators of the Pix. And the authorization 'capabilities' only > allow > you to invoke existing access-lists on the Pix for certain users, so, like > I > said, it's very limited. Still, the capability exists. > > http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/config/mn > ga > cl.htm#xtocid10 > > > ""Georg Pauwen"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Paul, Tim, Patrick, > > > > you guys are good ! You are right, I wasn4t specific enough in what I > said: > > PIX does support RADIUS, but it does NOT support RADIUS Authorization :) > > > > Regards, > > > > Georg > > > > > > >From: "Paul Borghese" > > >To: "Georg Pauwen" , > > >Subject: Re: PIX and AAA [7:42302] > > >Date: Tue, 23 Apr 2002 10:03:43 -0400 > > > > > >The pix does support radius. I am using it for a small client to > > >authenticate PPTP connections using the Microsoft 2000 Radius server. > > > > > >Paul Borghese > > >----- Original Message ----- > > >From: "Georg Pauwen" > > >To: > > >Sent: Tuesday, April 23, 2002 7:16 AM > > >Subject: RE: PIX and AAA [7:42302] > > > > > > > > > > Hi Patrick, > > > > > > > > yes, aaa is fully supported on the PIX (remember, though, that the > PIX > > >does > > > > not support RADIUS). Follow this link for a command overview of aaa > on > > >the > > > > PIX: > > > > > > > > > > > >http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/a > b. > h > > >tm#xtocid3 > > > > > > > > Regards, > > > > > > > > Georg > > _________________________________________________________________ > > Chat with friends online, try MSN Messenger: http://messenger.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42395&t=42302 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
