Chapter 12
Configuring Certificates
Certificate Configuration
aaa-server TacacsServers host 100.136.0.3
 timeout 22
 key secretpassword
aaa authentication match FWACL outside TacacsServers
aaa accounting match FWACL outside TacacsServers
aaa authentication secure-http-client
auth-prompt prompt (JCPIX249) Login:
auth-prompt accept (JCPIX249) Login Accepted!
auth-prompt reject (JCPIX249) Login Rejected!
The access-list series of commands defines which protocols are allowed through the FWSM. Only those
shown in the example and SSH are supported for cut-through-proxy authentication.
The timeout uauth command causes the FWSM to re-request authorization for all those protocols after five
minutes.
The aaa authentication command enables cut-through-proxy authentication. Once this command is executed,
the FWSM matches the protocols in the access list, intercepts the traffic, and prompts users for authentication.
The auth-prompt series of commands changes the prompt that users see, so you know that the FWSM
is making the request.
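The following audit script is an added example, not part of the Cisco guide. It parses the commands shown above and reports gaps in a cut-through-proxy configuration. The finding names, the function name and the placeholder-key list are assumptions of this example.

```python
import re

# Configuration as printed on this page (documentation sample values).
PAGE_CONFIG = """\
aaa-server TacacsServers host 100.136.0.3
 timeout 22
 key secretpassword
aaa authentication match FWACL outside TacacsServers
aaa accounting match FWACL outside TacacsServers
aaa authentication secure-http-client
auth-prompt prompt (JCPIX249) Login:
auth-prompt accept (JCPIX249) Login Accepted!
auth-prompt reject (JCPIX249) Login Rejected!
"""
# Assumption: keys treated as documentation placeholders by this audit.
PLACEHOLDER_KEYS = {"secretpassword"}

def audit_cut_through_proxy(config):
    """Return sorted finding codes (names are this example's own)."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    groups, keys, prompts, current = set(), {}, set(), None
    rules = {"authentication": set(), "accounting": set()}
    for line in lines:
        if m := re.match(r"aaa-server (\S+) (?:\(\S+\) )?host \S+", line):
            current = m.group(1)          # enter server-group sub-mode
            groups.add(current)
        elif (m := re.match(r"key (\S+)", line)) and current:
            keys[current] = m.group(1)
        elif m := re.match(r"aaa (authentication|accounting) match (\S+) (\S+) (\S+)", line):
            rules[m.group(1)].add(m.groups()[1:])   # (acl, interface, group)
        elif m := re.match(r"auth-prompt (prompt|accept|reject) \S", line):
            prompts.add(m.group(1))
    findings = set()
    for rule in rules["authentication"]:
        if rule[2] not in groups:
            findings.add("undefined-server-group")
        if rule not in rules["accounting"]:
            findings.add("authentication-without-accounting")
    if rules["authentication"]:
        # Without this command, HTTP users' credentials reach the FWSM in clear text.
        if "aaa authentication secure-http-client" not in lines:
            findings.add("http-credentials-not-protected")
        if prompts != {"prompt", "accept", "reject"}:
            findings.add("default-auth-prompt")
    if PLACEHOLDER_KEYS & set(keys.values()):
        findings.add("placeholder-shared-key")
    return sorted(findings)
```

Run against the configuration on this page, the only finding is the sample shared key, which must be replaced with a real secret before deployment.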
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
12-10
OL-20748-01