Cisco ASA and PIX Firewall Handbook

5-3. Defining AAA Servers for User Management

A firewall can interface with external user management servers to offload any authentication, authorization, or accounting (AAA) functions. This provides a very scalable solution, because all user identities, privileges, and activity logs can be centralized.

You can use the following steps to configure AAA servers and server groups for all AAA-related firewall functions:

Define the AAA server group and protocol:

FWSM 2.x	`Firewall(config)#` `aaa-server` `server_tag` `protocol` `{tacacs+` \| `radius}`
PIX 6.x	`Firewall(config)#` `aaa-server` `server_tag` `protocol` `{tacacs+` \| `radius}`
PIX 7.x	`Firewall(config)#` `aaa-server` `server_tag` `protocol` `{tacacs+` \| `radius` \| `kerberos` \| `ldap` \| `nt` \| `sdi}`

A group of servers is named server_tag ...

Get Cisco ASA and PIX Firewall Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cisco ASA and PIX Firewall Handbook by Dave Hucaby

5-3. Defining AAA Servers for User Management

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly