Hello, I'm sorry to don't contribute to the response, but I'm new on the field and my time is busy to learn and use and configure.... 1) I tried to autenticate from outside interface of PIX to a ftp server on inside. The client use SecureVPNClient to create a secure IPSec tunnell, and a RADIUS server is used for autentication. The configuration work very well with TACACAS+ (Cisco EasyACS..), but with RADIUS don't work at all. The login prompt is displayed, but any combination of aaa_login@ftp_login and aaa_passwd@ftp_passwd don't work. The shared secret is correct, and the PIX essential part of PIX config is: ..... global (outside) 1 209.165.100.10-209.165.100.14 netmask 255.255.255.0 nat (inside) 1 0.0.0.0 0.0.0.0 0 0 static (inside,outside) 209.165.100.5 192.168.201.31 netmask 255.255.255.255 0 0 conduit permit any host 192.168.201.31 any access-list 80 permit ip host 192.168.70.9 host 209.165.100.5 ..... aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius aaa-server myserver1 protocol radius aaa-server myserver1 (inside) host 192.168.204.44 kenny timeout 5 aaa authentication any inbound 192.168.201.31 255.255.255.255 192.168.70.9 255.255.255.255 mytserver1 where .201.31 is ftp server. The tunnell is created, but the autentication failed. I have tried to open access to RADIUS port (1645/46), but the result is the same. Is needed any other configuration? Or special config to RADIUS? 2) Wich special config is needed to telnet to PIX from outside interface? I abilitate access with: telnet IP outside I use the same SecureVPNClient as above, so the connection is trought a IPSec tunnell. I attempt to create a static address to outside interface, but the tunnell is estabilished, not the telnet connection. Thanks for any ideas, Davide Zari - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
