Firewall Wizards mailing list archives
Re: AS5300 & CiscoSecure Capabilities
From: "Rodney van den Oever" <roever () nse simac nl>
Date: Fri, 3 Jul 1998 19:11:16 +0200
Is it possible to restrict a dialin user to a specific IP address with either the AS5300 or CiscoSecure? We are currently using both solutions but I need to restrict Vendor access into the network.
Cisco claims that you can use CiscoSecure to hand over an abribtrary access-list to a user's dialup port based on their username. I haven't verified this myself, but one of my co-workers has, and is using it this way.
Not specific to CiscoSecure, there are a number of tacacs(+) and radius daemons that can do this. Cisco has a freeware tacacs+-implementation for Unix-systems and they know offer a free and supported (!) tacacs+-server for use with a single NAS for Windows NT (EasyACS). Easy setup and configuration using a webbrowser. -- Rodney van den Oever / 0x06 3547CA1 / PGP Key ID 0x0A6CCE53 An updated version of 'A Christmas Carol' would still have Marley's Ghost visit Scrooge, but it would be BOB Marley, playing a calypso!.- James Fischer
Current thread:
- Re: AS5300 & CiscoSecure Capabilities Ryan Russell (Jul 02)
- <Possible follow-ups>
- Re: AS5300 & CiscoSecure Capabilities Rodney van den Oever (Jul 07)