ip auth-proxy

Unanswered Question
Oct 16th, 2006

Can somebody explain to me the meaning of the following commands in the link given below?

1) aaa authentication login default local group RTP none

In this command, default is local; will it prompt the user to TACACS first?

2) ip auth-proxy name list_a http and ip auth-proxy list_a

What is the meaning of putting these commands?

3) access-list 116 permit tcp host 40.31.1.47 host 40.31.1.150 eq www

Why is this access-list required?

4) There is no access-list from host to webserver?




3)


http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_configuration_example09186a0080094655.shtml

vladrac-ccna Tue, 10/17/2006 - 04:48

1> This command will try first to authenticate using a local database (username john password 0 doe); if it returns an error (if you don't set any username, I believe), it will try the TACACS server.


2>ip auth-proxy name list_a http

This command creates a named authentication proxy rule, and it allows you to associate that rule with an access control list (ACL), providing control over which hosts use the authentication proxy.


Because an access list is not specified in the rule, all connection-initiating HTTP traffic is subjected to authentication.



ip auth-proxy list_a

The rule is applied to an interface on a router using this command.



3>

ACL 116 is blocking traffic from the host 10.31.1.47 to other webservers (it only allows it to talk with the router).


After authenticating, new lines will be added to the front of the ACL and then it will be allowed to talk to the webserver.



HTH,

rate this post if it does,

vlad
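
The ACL behaviour described in the reply above, as an added example that is not part of the original posts or of Cisco's configuration: a small first-match ACL model showing the verdict for the client before and after per-user entries are placed in front of ACL 116. The web server address and the per-user profile are constructed assumptions; the client and router addresses are taken from the ACL line in the question.

```python
# Added illustration (not from the thread): first-match evaluation of an
# inbound ACL before and after authentication proxy prepends per-user entries.

ANY = None  # wildcard meaning "any" host or port


def entry(action, src, dst, dport):
    return {"action": action, "src": src, "dst": dst, "dport": dport}


def matches(e, src, dst, dport):
    pairs = ((e["src"], src), (e["dst"], dst), (e["dport"], dport))
    return all(want is ANY or want == got for want, got in pairs)


def evaluate(acl, src, dst, dport):
    """Return the action of the first matching entry; implicit deny at the end."""
    for e in acl:
        if matches(e, src, dst, dport):
            return e["action"]
    return "deny"


def authenticate(acl, client, profile):
    """Model a successful login: profile entries are placed in FRONT of the
    ACL, with the authenticated client's address as the source."""
    dynamic = [entry(p["action"], client, p["dst"], p["dport"]) for p in profile]
    return dynamic + acl


CLIENT = "40.31.1.47"     # from ACL 116 in the question
ROUTER = "40.31.1.150"    # from ACL 116 in the question
WEBSERVER = "192.0.2.80"  # constructed placeholder, not from the thread

# access-list 116 permit tcp host 40.31.1.47 host 40.31.1.150 eq www
ACL_116 = [entry("permit", CLIENT, ROUTER, 80)]

# Assumed per-user profile (constructed): permit tcp to any destination on www.
PROFILE = [entry("permit", ANY, ANY, 80)]


def demo():
    before = evaluate(ACL_116, CLIENT, WEBSERVER, 80)
    after_acl = authenticate(ACL_116, CLIENT, PROFILE)
    after = evaluate(after_acl, CLIENT, WEBSERVER, 80)
    neighbour = evaluate(after_acl, "40.31.1.48", WEBSERVER, 80)  # never logged in
    return before, after, neighbour


if __name__ == "__main__":
    print(demo())
```

Because the prepended entry carries the authenticated host's address as its source, a neighbouring host that has not logged in still falls through to the implicit deny.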
