cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
361
Views
0
Helpful
1
Replies

ACS, how to prevent web users access to firewall CLI?

andrea.meconi
Level 2
Level 2

Hello.

I'm using a PIX with software version 6.3(5) wih the cut-through proxy feature. PIX queries a TACACS+ to authenticate web users.

I need a filter, NAR on ACS, to allow web users access Internet from a specific subnet only.

Actually, same web users credentials allow access to firewall CLI from different subnet!

Any idea?

Thanks.

Andrea

1 Reply 1

andrea.meconi
Level 2
Level 2

With a NAR filter based on IP addresses, I can confine access from a specific subnet only.

Regards.

Andrea

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: