Thank you all for the answers. As the number of access to the web servers will be low, there will no problem with router performance.
I got some hint files in Freeradius site for its configuration , but do you know where there would be further information for such RADIUS/Freeradius configuration? Thanks in advance, Leonidas. > Can't say whether it's a good idea or not to run this feature on the > Cisco router in Le�nidas' particular environment, but there *is* a > feature of the Cisco IOS that supports HTTP Authentication, called > "Authentication Proxy": > > http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a0080094eb0.shtml > > ... which uses server-based authentication (TACACS+ or RADIUS) to > authenticate users via an HTTP session and assign user-based ACLs. I > can't see why it wouldn't work with FreeRADIUS. > > I would recommend checking the Software Advisor to see which > platforms/feature-sets support the proxy. > > DP > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of > Gene Parks > Sent: Wednesday, July 09, 2003 6:45 AM > To: [EMAIL PROTECTED] > Subject: RE: Cisco IOS/Firewall HTTP Authentication through Freeradius > > > The firewall function that comes in the IOS for Cisco does > not have the granularity that you are looking for. Plus you > are asking a router to do the work of both the router and the > firewall at the same time. Cisco is good but the router will > choke if you have a lot of connections. I would think of a > redesign of the network and put the authentication function > on the web server. I would also use the firewall software to > limit the access to ports on those servers and not do the > authentication function. The router will thank you later. > > Just my two cents. > > Gene Parks > VIP Direct > > -----Original Message----- > From: leonidasterra [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 09, 2003 12:57 AM > To: freeradius-users > Subject: Cisco IOS/Firewall HTTP Authentication through Freeradius > > > Hi everyone! I�m new to RADIUS hands on and also to this group. > > I�m planning a LAN with 16 web servers inside. The users in > the Web will reach a Cisco router with IOS/Firewall, placed > in the edge of this LAN. So, this IOS/Firewall will prompt > (in the user�s browser) a http screen as access request > (login/password). > > User then sends information to IOS/Firewall that > authenticates and authorizes it in Freeradius. Now, a > specific user is authenticated and only access its assigned > servers, as configured in Freeradius. > > Has someone faced a similar environment with Freeradius and > Cisco Firewall? > > Were there any errors or incompatibilities? > > For last, is it necessary a database software (MySQL, DB2, > Oracle, Databliz, ...)to work with Freeradius? > > Thanks in advance, Le�nidas! > > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
