02-21-2004 07:14 PM - edited 03-09-2019 06:30 AM
In my current configuration all web access is done via an ISA proxy server. Only server VLANs are NAT'd by the PIX. However, individual workstations have the need to telnet, FTP or VPN out. To accomplish this, the workstations are permitted to receive NAT from the PIX.
As you know, this requires editing the PIX config every time a special circumstance arises. Is there a better way to provide these services to the clients without having to edit the PIX over and over?
02-22-2004 06:59 AM
Hi,
For Telnet/FTP, you can have user level authentication, so users will be prompted for username/password and based on this, they can be allowed or denied.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094ea9.shtml
Thanks
Nadeem
02-22-2004 08:38 AM
Would I use a RADIUS server for this? Or is this feature built in to the PIX?
Would this have an effect on users trying to access the web? Would they be prompted as well? The web clients are already configured to use the proxy. I would not want to add another login for these users.
Thank you for your help.
Anthony
02-22-2004 09:01 AM
It is all there in the link I gave you.
Yes, a RADIUS server is required.
No, it won't affect any other service.
02-23-2004 06:13 AM
Thank you for the advice.