3-思科防火墙：认证管理访问：ACS联动（思科acs系统）

3-思科防火墙：认证管理访问：ACS联动（思科acs系统）

3、ASA Ping 10.1.2.254，ACS Ping 10.1.2.10，查看是否可通后再进行下一步；4、浏览器中输入：Client；6、ASA命令行测试aaa-server是否可通。三、命令部署：1、ASA上部署aaa-server配置：ASA(config)# aaa-server zhou protocol tacacs+ ASA(config-aaa-server-group)# aaa-server zhou (DMZ) host 10.1.2.254ASA(config-aaa-server-host)# key zhou

四、验证：1、ASA上部署aaa-server配置查看：ASA# show run aaa-serveraaa-server zhou protocol tacacs+aaa-server zhou (dmz) host 10.1.2.254key *****2、ACS和ASA相互Ping，ACS查看application：ACS/admin# ping ip 10.1.2.10PING 10.1.2.10 (10.1.2.10) 56(84) bytes of data.64 bytes from 10.1.2.10: icmp_seq=1 ttl=255 time=4.71 ms64 bytes from 10.1.2.10: icmp_seq=2 ttl=255 time=0.984 ms64 bytes from 10.1.2.10: icmp_seq=3 ttl=255 time=1.19 ms64 bytes from 10.1.2.10: icmp_seq=4 ttl=255 time=1.30 ms--- 10.1.2.10 ping statistics ---4 packets transmitted, 4 received, 0% packet loss, time 3001msrtt min/avg/max/mdev = 0.984/2.048/4.711/1.542 ms

ACS/admin# show application status acsACS role: PRIMARYProcess 'database' runningProcess 'management' runningProcess 'runtime' runningProcess 'ntpd' runningProcess 'view-database' runningProcess 'view-jobmanager' runningProcess 'view-alertmanager' runningProcess 'view-collector' runningProcess 'view-logprocessor' running

ASA# ping 10.1.2.254Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 10.1.2.254, timeout is 2 seconds:!!!!!3、ASA测试：ASA(config)# test aaa-server authentication zhou username bb password bbbb Server IP Address or name: 10.1.2.254(timeout: 12 seconds)INFO: Authentication Successful

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。