https://community.cisco.com/t5/network-security/authentication-for-a-particular-acl/m-p/1780906#M533894 <P>Hi,</P><P>I am trying to implement Authentication for a particular ACL on the ASA, i.e. whenever that particular ACL is matched, the ASA will authenticate the user with either local database or AAA server. </P><P></P><P>I have seen the document "Configuring AAA for cut-through proxy", but that says it works only for http, https and ftp etc, whereas in my case i m looking to authenticate the users trying to access my sql server, for which i need to match a particular ACL. </P><P></P><P>regards,</P><P>Mohsin</P> Mon, 11 Mar 2019 21:09:44 GMT mohsin.khan 2019-03-11T21:09:44Z https://community.cisco.com/t5/network-security/authentication-for-a-particular-acl/m-p/1780906#M533894 <P>Hi,</P><P>I am trying to implement Authentication for a particular ACL on the ASA, i.e. whenever that particular ACL is matched, the ASA will authenticate the user with either local database or AAA server. </P><P></P><P>I have seen the document "Configuring AAA for cut-through proxy", but that says it works only for http, https and ftp etc, whereas in my case i m looking to authenticate the users trying to access my sql server, for which i need to match a particular ACL. </P><P></P><P>regards,</P><P>Mohsin</P> Mon, 11 Mar 2019 21:09:44 GMT https://community.cisco.com/t5/network-security/authentication-for-a-particular-acl/m-p/1780906#M533894 mohsin.khan 2019-03-11T21:09:44Z https://community.cisco.com/t5/network-security/authentication-for-a-particular-acl/m-p/1780907#M533895 <HTML><HEAD></HEAD><BODY><P>AFAIK there is no way to do that. The only other way would be to set the permitted SQL users to static IP's and then configure the ACL to permit them and deny all others. Also the SQL server could be controlling access.</P></BODY></HTML> Wed, 10 Aug 2011 13:54:19 GMT https://community.cisco.com/t5/network-security/authentication-for-a-particular-acl/m-p/1780907#M533895 Collin Clark 2011-08-10T13:54:19Z