04-28-2009 04:54 AM - edited 02-21-2020 03:25 AM
Hello All,
I have an ASA5505 appliance and want to create a dynamic access list like in this example (http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scflock.html)
But I can't figure out how to do it on my ASA.
Basically I want the appliance to deny traffic to the internet unless a user has authenticated using telnet first.
04-28-2009 05:24 AM
They call it cut-through proxy in the ASA world.
Hope that helps.
04-28-2009 10:17 AM
It does help a little, but the document is detailing using RADIUS servers for authentication. I just want to use the LOCAL database.
Does anyone have some basic examples I could study as a starting point?
Scenario:
Users on the inside network cannot pass through to the outside network (internet) without first authenticating against the local user list, using telnet. Authenticated users must only be allowed to use HTTP, HTTPS, FTP, and DNS protocols.
Hope you can help a newbie to the ASA world! :)
04-28-2009 10:57 AM
Instead of Radius, just use LOCAL.
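
An added configuration example, not posted by anyone in this thread and not taken from Cisco's documentation: cut-through proxy against the LOCAL database, with virtual Telnet as the login step, for the scenario described above. The interface name `inside`, the subnet 192.168.1.0/24, the ACL names, the user name and the virtual Telnet address 192.0.2.10 are assumptions; the virtual Telnet address must be an unused address that is routed to the ASA.

```cisco
! Constructed example: all names and addresses below are placeholders.

! Local user that inside hosts authenticate as
username webuser password <choose-a-strong-password>

! Traffic that requires authentication before the ASA passes it.
! The virtual Telnet address is included so users have something to log in to.
access-list INSIDE_AUTH extended permit tcp 192.168.1.0 255.255.255.0 host 192.0.2.10 eq telnet
access-list INSIDE_AUTH extended permit tcp 192.168.1.0 255.255.255.0 any eq www
access-list INSIDE_AUTH extended permit tcp 192.168.1.0 255.255.255.0 any eq https
access-list INSIDE_AUTH extended permit tcp 192.168.1.0 255.255.255.0 any eq ftp
access-list INSIDE_AUTH extended permit udp 192.168.1.0 255.255.255.0 any eq domain
access-list INSIDE_AUTH extended permit tcp 192.168.1.0 255.255.255.0 any eq domain

! Authenticate matching traffic against the LOCAL database instead of a RADIUS group
aaa authentication match INSIDE_AUTH inside LOCAL

! Address users telnet to in order to authenticate
virtual telnet 192.0.2.10

! Force re-authentication after 30 minutes, regardless of activity
timeout uauth 0:30:00 absolute

! Interface ACL: only the protocols from the scenario may leave the inside network
access-list INSIDE_IN extended permit tcp 192.168.1.0 255.255.255.0 host 192.0.2.10 eq telnet
access-list INSIDE_IN extended permit tcp 192.168.1.0 255.255.255.0 any eq www
access-list INSIDE_IN extended permit tcp 192.168.1.0 255.255.255.0 any eq https
access-list INSIDE_IN extended permit tcp 192.168.1.0 255.255.255.0 any eq ftp
access-list INSIDE_IN extended permit udp 192.168.1.0 255.255.255.0 any eq domain
access-list INSIDE_IN extended permit tcp 192.168.1.0 255.255.255.0 any eq domain
access-list INSIDE_IN extended deny ip any any
access-group INSIDE_IN in interface inside

! Verify who is currently authenticated:  show uauth
! Drop cached authentications:            clear uauth
```

Because DNS is in the authentication ACL, name lookups are dropped until the user has logged in, so users must telnet to the virtual address by IP first. Telnet sends the local password in cleartext across the inside network.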