RE: PIX Firewall authentication [7:35947]
Another option would be Websense for PIX. This product will not only authenticate the user but provide URL filtering and detailed reporting, which the Proxy box doesn't do too well. I install this product frequently and hear nothing but good about it from our customers. Check out www.websense.com for more info. Rik -Original Message- From: Rafay Aslam [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 2:11 PM To: [EMAIL PROTECTED] Subject: Re: PIX Firewall authentication [7:35947] You can do authentication against Windows NT or Windows 2000 user database Via PIX using Windows 2000 Radius Server, called Internet Authentication Service, or Install RADIUS on Windows NT server, or If you wanna spend $2000 you can buy Cisco ACS software. ""sajith nair"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, > I have a customer with Proxy server and he want to > replace it with PIX.The customer want to authenticate > all users before they access internet.Whether the PIX > can support authentication thru a normal Windows NT > server than going thru a Radius/Tacacs server?I talked > with Cisco TAC and they told it is possible.But I am > confused.Can anyone of you can guide me please. > Thanks in advance. > Saj > > __ > Do You Yahoo!? > Yahoo! Sports - Coverage of the 2002 Olympic Games > http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36008&t=35947 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX Firewall authentication [7:35947]
Yes, you can use http authentication proxy, combined with CiscoSecure to authenticate off an NT database. Brian On Wed, 20 Feb 2002, sajith nair wrote: > Hi, > I have a customer with Proxy server and he want to > replace it with PIX.The customer want to authenticate > all users before they access internet.Whether the PIX > can support authentication thru a normal Windows NT > server than going thru a Radius/Tacacs server?I talked > with Cisco TAC and they told it is possible.But I am > confused.Can anyone of you can guide me please. > Thanks in advance. > Saj > > __ > Do You Yahoo!? > Yahoo! Sports - Coverage of the 2002 Olympic Games > http://sports.yahoo.com I'm buying / selling used CISCO gear!! email me for a quote Brian Feeny, CCIE #8036 Netjam, LLC [EMAIL PROTECTED] http://www.netjam.net VISA/MC/AMEX/COD phone: 318-212-0245 30 day warranty fax: 318-212-0246 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35999&t=35947 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX Firewall authentication [7:35947]
You can only authenticate users to ftp/telnet/http services. Below url should give you an idea of configs: http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/config/mngacl.htm#xtocid4 Nabil P.S. I tested this concept in a lab about a year ago, it works pretty good. sajith nair cc: Sent by: Subject: PIX Firewall authentication [7:35947] nobody@groups tudy.com 02/20/2002 09:22 AM Please respond to sajith nair Hi, I have a customer with Proxy server and he want to replace it with PIX.The customer want to authenticate all users before they access internet.Whether the PIX can support authentication thru a normal Windows NT server than going thru a Radius/Tacacs server?I talked with Cisco TAC and they told it is possible.But I am confused.Can anyone of you can guide me please. Thanks in advance. Saj __ Do You Yahoo!? Yahoo! Sports - Coverage of the 2002 Olympic Games http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35977&t=35947 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX Firewall authentication [7:35947]
You can do authentication against Windows NT or Windows 2000 user database Via PIX using Windows 2000 Radius Server, called Internet Authentication Service, or Install RADIUS on Windows NT server, or If you wanna spend $2000 you can buy Cisco ACS software. ""sajith nair"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, > I have a customer with Proxy server and he want to > replace it with PIX.The customer want to authenticate > all users before they access internet.Whether the PIX > can support authentication thru a normal Windows NT > server than going thru a Radius/Tacacs server?I talked > with Cisco TAC and they told it is possible.But I am > confused.Can anyone of you can guide me please. > Thanks in advance. > Saj > > __ > Do You Yahoo!? > Yahoo! Sports - Coverage of the 2002 Olympic Games > http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35965&t=35947 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PIX Firewall authentication [7:35947]
u can use the acs/windowns to authenticate the users ""sajith nair"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, > I have a customer with Proxy server and he want to > replace it with PIX.The customer want to authenticate > all users before they access internet.Whether the PIX > can support authentication thru a normal Windows NT > server than going thru a Radius/Tacacs server?I talked > with Cisco TAC and they told it is possible.But I am > confused.Can anyone of you can guide me please. > Thanks in advance. > Saj > > __ > Do You Yahoo!? > Yahoo! Sports - Coverage of the 2002 Olympic Games > http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35952&t=35947 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
