I would like to know if something like this is possible. If not, can anyone offer any suggestions on how to do something similar? Here is the setup. I have two IP networks on different VLANs. The VLANs are connected to a 2851 which is doing the routing between the different networks and is also the default gateway. On one of these subnets is the data network 192.168.1.x and the other is a "server" network of 172.16.1.x that has an application the users will connect to. The application on the PCs uses a few different ports, about 10, which I am just going to allow access to those ports to the servers and deny everything else with an access list. The users also do administration work using HTTPS to this same web server. What I want to be able to do is deny HTTPS traffic to the server unless the users are authenticated somehow. I would like the user to open HTTPS://172.16.0.100 and the router to intercept the URL string and prompt the user to authenticate. Then, if the authentication is successful, build an access list to allow the HTTPS traffic to the server. After an inactivity period the router would close the access to the server network. I would like the authentication to happen centrally using RADIUS and HTTPS. Does anyone have any suggestions?
I actually think Lock-and-Key Security (Dynamic Access Lists) is what I need, but the only thing I don't like about it is that I need to put my username and password in via Telnet. Is there any way to do this via SSH or some other HTTPS session on the router?