I have aquired a site with the following setup on the PIX
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
aaa-server ACS-00139 protocol radius
aaa-server ACS-00139 (inside) host 10.64.28.20 AC$Password timeout 10
aaa authentication match ACL_AuthOutbound inside ACS-00139
Since I do not have a DNS Setup Internally neither do I have one setup on the DMZ, my users cannot resolve names using an external DNS before they a authenticated. I have to use a IP address on the Web browser to have users prompted for authentication credentials. I am trying to exclude DNS traffic from the aaa authentication, but I cannot get the syntax right. Any ideas?
