Hello group,
We currently have a PIX 501 to PIX 501 vpn between two offices. We
have an AS400 at the main site. At both locations we would like the
users to authenticate to the PIX locally for internet access. I
understand that the PIX allows for telnet, ftp and http authentication
locally but will the users have to authenticate against the PIX for
other traffic being passed by the AS400 or other systems on the two
networks via the VPN. Meaning we only want the user to have to
authenticate to the PIX for internet access only and not have to
authenticate against the PIX for normal traffic between the two sites.
This traffic should be allowed to flow freely without a user name and
password. I have read the documentation on this but am unsure if this
is allowed. ** At both sites internet access routes directly out it
does not tunnel through the VPN. We do not have a radius or tacacs server.
Thanks as always,
Joe