I have a requirement to allow non-VPN users telnet access to a certain network. After a little research I am unclear as to the difference between Virtual Telnet vs. Proxy Telnet. Basically, I want to authenicate telnet comeing in from the internet to access certain IPs (these IPs will change on a per user basis). Is it possible/feasible to set up TACACS+ or RADIUS with virtual or proxy telnet to allow this? Any thoughts on which is better?
yes, we decided on virtual telnet with ACS authentication and auhtorization. Essentially, inbound telnet is challenged by PIX. If successfull, they are passed on to an internal "telnet" server where they authenicate a second time with another set of credentials. Then they can telnet within the network, cumbersome but they should the VPN anyway.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...