Unanswered Question
Jun 28th, 2008
User Badges:

I have three questions regarding auth-proxy

one: (using a 1721 running 12.4 IOS)using local auth-proxy(which i have verified works), is there any way to define which dynamic ACL is applied, rather then a simple permit any? I know how to do this using ACS but I am tryin go do it locally, where I can at least define a user and where they can do once they authenticate

two: do the pix and/or ASA firewalls support auth-proxy like IOS routers do and where can I find documentation on implimenting it

three: on either a firewall or router running firewall IOS, can auth-proxy go beyond ACLs for the users once they authenticate? For example, CBAC policies/URL blocking/allowing, QOS, etc?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marwan ALshawi Sun, 06/29/2008 - 20:22
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

for question 1 yes i think let me check for u

for question 2 sure u can they called cut-through

pix(config)#aaa authentication include http inside 0 0 0 0 LOCAL

about ur question 3 i am not sure there is away for that bit you can play around it through source and distination acls and policies

good luck and rate if usefull


This Discussion