Kings :
Even when there is no access-group define on the interface as explained
in the doc cd ? ( following is the copy and paste from it )
Date: Thu, 9 Feb 2012 18:32:59 +0530
Subject: Re: [OSL | CCIE_Security] ACL and auth-proxy
From: [email protected]
To: [email protected]
CC: [email protected]
sh access-list should show them.
With regards
Kings
On Thu, Feb 9, 2012 at 5:29 PM, HA Ali <[email protected]> wrote:
While doing debugs I get following messages
*Mar 1 00:40:26.271: TAC+: Received Attribute "priv-lvl=15"
*Mar 1 00:40:26.271: TAC+: Received Attribute "proxyacl#1=permit tcp any any
eq 80"
*Mar 1 00:40:26.275: TAC+: Received Attribute "proxyacl#2=permit icmp any any"
*Mar 1 00:40:26.275: AAA/AUTHOR (1909359833): Post authorization status =
PASS_ADD
and on the client end i see authentication sucessful . But on router when i do
show ip access-list or show access-list I dont see any ACL . I remember in ASA
the command was show uauth to check that , is there any different command to
check these dynamic ACLs I cant remember of at the moment .
On IOS when i do show ip auth-proxy cache , i can see the client ip address and
username .
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
