Cisco Support Community

ip auth-proxy

Can somebody explain to me the meaning of the following commands in the link given below?

1) aaa authentication login default local group RTP none

In this command the default is local; will it prompt the user for TACACS first?

2) ip auth-proxy name list_a http and ip auth-proxy list_a

What is the meaning of putting in these commands?

3) access-list 116 permit tcp host 40.31.1.47 host 40.31.1.150 eq www

Why is this access-list required?

4) There is no access-list from the host to the webserver?

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_configuration_example09186a0080094655.shtml

1 REPLY

Re: ip auth-proxy

1> This command will first try to authenticate using a local database (username john password 0 doe); if it returns an error (if you don't set any username, I believe) it will try the TACACS server.

2>ip auth-proxy name list_a http

This command creates a named authentication proxy rule, and it allows you to associate that rule with an access control list (ACL), providing control over which hosts use the authentication proxy.

Because an access list is not specified in the rule, all connection-initiating HTTP traffic is subjected to authentication.

ip auth-proxy list_a

The rule is applied to an interface on a router using this command.

3>

ACL 116 is blocking traffic from the host 10.31.1.47 to other webservers (it only allows it to talk with the router).

After authenticating, new lines will be added to the front of the ACL and then it will be allowed to talk to the webserver.

HTH,

rate this post if it does,

vlad

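The behaviour described in the reply above, as an added example that is not part of the original posts and is not Cisco code: a small Python model of a first-match ACL in which a successful authentication puts per-host permit entries in front of the static line of ACL 116. The web server address 192.0.2.10, the second host 40.31.1.48, the allowed destination list and all class and function names are assumptions made for the illustration; 40.31.1.150 is taken to be the router, as the reply reads it.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Ace:
    action: str           # "permit" or "deny"
    src: str              # source host address, or "any"
    dst: str              # destination host address, or "any"
    dport: Optional[int]  # TCP destination port; None matches any port

    def matches(self, src: str, dst: str, dport: int) -> bool:
        return (self.src in ("any", src) and self.dst in ("any", dst)
                and self.dport in (None, dport))

class InboundAcl:
    """Toy model of the inbound ACL on the auth-proxy interface (not IOS code)."""

    def __init__(self, static_entries: List[Ace]):
        self.entries = list(static_entries)

    def check(self, src: str, dst: str, dport: int) -> str:
        for ace in self.entries:          # the first matching entry decides
            if ace.matches(src, dst, dport):
                return ace.action
        return "deny"                     # implicit deny closes every ACL

    def on_auth_success(self, client: str, allowed: List[Tuple[str, int]]) -> None:
        # Entries for the authenticated host go in FRONT of the static ones,
        # so they are evaluated before anything that would block the host.
        dynamic = [Ace("permit", client, dst, port) for dst, port in allowed]
        self.entries = dynamic + self.entries

CLIENT, ROUTER = "40.31.1.47", "40.31.1.150"        # from ACL 116 on the page
WEBSERVER, OTHER_HOST = "192.0.2.10", "40.31.1.48"  # constructed for the demo

def demo() -> dict:
    # access-list 116 permit tcp host 40.31.1.47 host 40.31.1.150 eq www
    acl = InboundAcl([Ace("permit", CLIENT, ROUTER, 80)])
    result = {
        "to_router": acl.check(CLIENT, ROUTER, 80),
        "web_before": acl.check(CLIENT, WEBSERVER, 80),
    }
    acl.on_auth_success(CLIENT, [(WEBSERVER, 80)])  # allowed list: assumed
    result["web_after"] = acl.check(CLIENT, WEBSERVER, 80)
    result["other_host_after"] = acl.check(OTHER_HOST, WEBSERVER, 80)
    result["entries"] = len(acl.entries)
    return result

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

In this model the entries added at authentication name the authenticated host as their source, so a second host behind the same interface is still denied until it authenticates itself.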