You need to apply the access-list to the interface. With regards Kings
On Thu, Feb 9, 2012 at 6:35 PM, HA Ali <[email protected]> wrote: > Kings : > Even when there is no access-group define on the interface as > explained in the doc cd ? ( following is the copy and paste from it ) > > ------------------------------ > Date: Thu, 9 Feb 2012 18:32:59 +0530 > Subject: Re: [OSL | CCIE_Security] ACL and auth-proxy > From: [email protected] > To: [email protected] > CC: [email protected] > > > sh access-list should show them. > > With regards > Kings > > On Thu, Feb 9, 2012 at 5:29 PM, HA Ali <[email protected]> wrote: > > > While doing debugs I get following messages > > *Mar 1 00:40:26.271: TAC+: Received Attribute "priv-lvl=15" > *Mar 1 00:40:26.271: TAC+: Received Attribute "proxyacl#1=permit tcp any > any eq 80" > *Mar 1 00:40:26.275: TAC+: Received Attribute "proxyacl#2=permit icmp any > any" > *Mar 1 00:40:26.275: AAA/AUTHOR (1909359833): Post authorization status = > PASS_ADD > > > and on the client end i see authentication sucessful . But on router when > i do show ip access-list or show access-list I dont see any ACL . I > remember in ASA the command was show uauth to check that , is there any > different command to check these dynamic ACLs I cant remember of at the > moment . > > On IOS when i do show ip auth-proxy cache , i can see the client ip > address and username . > > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
