Kevin, While the port-blocking access-lists will work for most users, many users and applications will know to use alternate ports to gain connectivity. AIM, for example, uses port 5190 by default, though you can simply change it to port 80, if so desired. Same thing for Napster. The best, and maybe only, solution is to block the url or the IP range the servers are in. We're blocking the IP range for Napster (don't recall what it is off the top of my head) and it works like a charm. We currently do not block AIM, but you can probably simply block login.oscar.aol.com. As far as RADIUS & TACACS, you'll probably have a hard time finding a shareware/freeware version of TACACS for NT, though RADIUS seems to be somewhat more available. Cisco has their ACS product, which does TACACS & RADIUS, and runs on NT/2000. It's real easy to setup (about 30 mins from setup.exe to TACACS logins). I'd check the search engines for 'shareware &/or freeware RADIUS'. If you really want TACACS, and are on a budget, you might want to check out some of the freeware Linux versions, there are many. Of course, you'd need to setup a Linux box. HTH Bob > Before I ask this question I would like to give something back, below is the > config to block aim and napster: > > access-list acl_out deny tcp any any eq 5190 > access-list acl_out deny tcp any any eq 8875 > access-list acl_out deny tcp any any eq 7777 > access-list acl_out deny tcp any any eq 6699 > access-list acl_out deny tcp any any eq 8888 > access-group acl_out in interface inside > access-list acl_out permit tcp any any > access-list acl_out permit ip any any > > > Now I would like to setup a Tacus+ or Radius Server on My network I have a > widows 2000 domain and I am unsure of how to do this. Please advise. > > TIA, > > Kevin > _________________________________________________________________ > Get your FREE download of MSN Explorer at http://explorer.msn.com _________________________________ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
