Configuring Shell Command Authorization Sets
Refer to the network map in Figure 18-13 for the following exercise. The configuration of
the Security Appliance and the Cisco Secure ACS controls access to the host 172.16.1.3.
566 Chapter 18: Configuration of AAA on the Cisco Security Appliance
In the Security Appliance configuration in Example 17-9, hosts on the internal network are
not allowed to make connections to 172.16.1.3 on the DMZ segment except for the
PCAnywhere (TCP/5631 and UDP/5632) application. But to allow this connection, the
Firewall will ask authentication as well as authorization using a Cisco Secure ACS.