Dear All, I hope to find an expert in PIX firewall to help me to solve this problem: About PIX authentication With ACS2.3. I am trying to configure my PIX506 with IOS5.1 to use cisco secure ACS2.3 to authenticate my internal users when they try to access the internet.. The ACS located on the inside network with vertual IP 192.168.111.2 while the PIX inside IP is 192.168.111.2. When I try to access the internet after applying the authentication commands the authentication window comes up with username and password... when I typed a username and password from the ACS users database it failed to authenticate that user with this massege: Error: Authen Rejected even that user can telnet the access server or my router. and the outlook express did not work when I put that conf. with Error massege. this is the configuration which I put in my PIX to run the aaa-authentication: aaa-server PIXGroup protocol tacacs+ aaa-server PIXGroup (inside) host 213.131.67.10 cisco timeout 5 aaa authentication include any outbound 192.168.111.0 255.255.255.0 0.0.0.0 0.0.0.0 PIXGroup aaa authorization include any outbound 192.168.111.0 255.255.255.0 0.0.0.0 0.0.0.0 PIXGroup Please any idea.... Please help me sooon Regards,,, Magdy Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=705&t=705 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]