Nice idea but, sadly, not an option with Cisco routers. The only way you can
get a level of security is to use something like command accounting with aaa
(TACACS+ only) but that will NOT log things like access-list violations.
Kerberos, where it's supported, is usually only used for authentication (it
appears in AS configs etc). There's a kerberised Telnet app which uses
encryption built into 11.3 onwards, I think, but only in the 56-bit images.
Now that SSH is available in mainstream 12.1 that should fall by the wayside
anyway.
Cheers,
--
Ben Nagy
Network Consultant, Volante Solutions
PGP Key ID: 0x1A86E304 Mobile: +61 414 411 520
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, 15 August 2000 5:39 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: Syslog thru Firewall
>
>
> syslog with Kerberos. Yeah, yeah, flame me, but is it quick
> and works..
> :) Just ask Genuity (Site Patrol)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
