Hi All,
I need your help, I am working with a PIX and am authenticating with tacacs
plus Extended, I have enable the accounttng in the PIX and the tacacs I have
maxses=1, but a user can to authenticate in many work stations.
The authentication is for http.
Configuration for authentication for the PIX:
access-list 101 permit tcp any any eq www
aaa-server AuthInbound protocol tacacs+
aaa-server AuthInbound (inside) host 192.168.129.164 cisco timeout 60
aaa-server AuthOutbound protocol tacacs+
aaa-server AuthOutbound (inside) host 192.168.129.164 cisco timeout 60
aaa authentication match 101 outside AuthInbound
aaa authentication match 101 inside AuthOutbound
aaa authorization match 101 outside AuthInbound
aaa authorization match 101 inside AuthOutbound
Configuration for the Tacacs:
accounting file = /var/tmp/tac_plus.acc
default authentication = file /etc/passwd
default authorization = permit
user = DEFAULT {
maxsess = 1
login = file /etc/passwd
cmd = http {
permit .*
}
}
Thanks in advanced for you advices.
Regards,
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48729&t=48729
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
