Pix 515 AAA Radius problems

Discussion in 'Cisco' started by Matt, Dec 8, 2003.

  1. Matt

    Matt Guest

    I am trying to setup my Pix 515e to log username information and what
    website they accessed. I want to set it up so that they don't get
    prompted to enter a username or password when they open their web
    browser.... i guess you could say i want the authentication to be
    invisible.

    I have tired using aaa authorisation and aaa accounting on the pix,
    and have setup a win2k RADIUs server for the pix to authenticate the
    users, but it's not working. The user still gets prompted for a
    username & password, and the RADIUS server won't authentcate the user.

    Can anyone tell me if i am on the right track? Is there a better way
    to do it?

    If not, can anyone tell me what i need to setup on the RADIUS server
    to allow it to authenticate the users and to do it in such a way that
    the don't get prompted.

    please help!

    Matt
    Matt, Dec 8, 2003
    #1
    1. Advertising

  2. In article <>,
    Matt <> wrote:
    :I am trying to setup my Pix 515e to log username information and what
    :website they accessed. I want to set it up so that they don't get
    :prompted to enter a username or password when they open their web
    :browser.... i guess you could say i want the authentication to be
    :invisible.

    But then you don't know whether it is that user, or if it is
    someone else using the same computer.

    If you just want to associate a name with an IP address when you
    look at your logs, then keep a table of names and IPs, and use a
    small bit of post-procesing code on the logs to look up the name
    corresponding to the IP and stick it on the end of the line.

    If you are already doing some kind of good authentication at the time
    they log on to their machine, and you have locking screensavers
    set on a reasonably short timeout (e.g., 5 minutes) so that no-one can
    use their computers while they are out of the room, then probably
    they won't mind putting in their name/password occasionally in order to
    surf, if you set the auth timeouts right.
    --
    "WHEN QUINED, YIELDS A TORTOISE'S LOVE-SONG"
    WHEN QUINED, YIELDS A TORTOISE'S LOVE-SONG. (GEB)
    Walter Roberson, Dec 8, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. optimus
    Replies:
    0
    Views:
    558
    optimus
    Feb 26, 2004
  2. hifur2002

    LSDO without RADIUS(AAA)?

    hifur2002, May 6, 2004, in forum: Cisco
    Replies:
    0
    Views:
    430
    hifur2002
    May 6, 2004
  3. ciscobiz

    AAA/RADIUS

    ciscobiz, Jul 13, 2004, in forum: Cisco
    Replies:
    1
    Views:
    696
    Scooby
    Jul 13, 2004
  4. Chris_D
    Replies:
    4
    Views:
    3,395
    Chris_D
    Aug 1, 2005
  5. Scott Townsend
    Replies:
    8
    Views:
    674
    Roman Nakhmanson
    Feb 22, 2006
Loading...

Share This Page