RE: PIX and Lock and Key Dynamic Access-Lists [7:14937]

Sun, 05 Aug 2001 01:28:15 -0700 

Hi,
For services like Telnet and FTP you can use the PIX's, "Cut-Through proxy"
function, but if you want a mechanism that can authenticate all services, as
far as I know you cannot do it.
Gil

-----Original Message-----
From: Bruce Williams [mailto:[EMAIL PROTECTED]]
Sent: Sunday, August 05, 2001 10:37 AM
To: [EMAIL PROTECTED]
Subject: PIX and Lock and Key Dynamic Access-Lists [7:14937]


I want to know if it is possible to create Lock and Key Dynamic Access-List
on a PIX 520 Firewall. This is the problem I am trying to solve. We have a
R&D network that has confidential information which we need to keep isolated
from all of the users on our corporate network except for a few authorized
users. We have a PIX 520 between the two networks. A few authorized users
will need to be able to Telnet and FTP from the corporate network to this
restricted network. These authorized users do not have static addresses so I
cant filter them by IP address I need to be able to authenticate them by
username and password. I would like to configure a Lock and Key Dynamic
Access-list so that authorized users can log in to the PIX with their
username and password and then the Dynamic Access-List opens up the firewall
for them. I know Lock and Key (Dynamic Access-Lists) can be configured on
routers, but can they be configured on the PIX?

Bruce Williams
215-275-2723
[EMAIL PROTECTED]
**************************************************************************************************
The contents of this email and any attachments are confidential.
It is intended for the named recipient(s) only.
If you have received this email in error please notify the system manager
or  the
sender immediately and do not disclose the contents to any one or make
copies.

** eSafe scanned this email for viruses, vandals and malicious content **
**************************************************************************************************




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=14938&t=14937
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to