auth-proxy - was Re: [c-nsp] Design question

Hauke Krull hk at netuse.de
Wed Jul 27 10:30:18 EDT 2005


Hi!

David Prall schrieb:
> Eric,
> Why not just use Auth Proxy for the end users. Then you can just
> authenticate them and let them run with it. I didn't keep the original
> message. Will you be charging for this access? If not then Auth Proxy will
> do it.
> 
Thanks for the hint to this interesting feature.
I've just implemented it on a test-router and now I have some more questions
I didn't any answers for on CCO:

1) Is it possible to configure some special destination adresses that should
be open to unauthenticated users (e.g. a corporate website)?

I've tried to play with the incoming ACL on the auth-proxy-IF but even with
permit ip any any
the auth-proxy intercepts all tcp port 80 connections.

2) Is it possible to configure a shaping or rate-limiting for the
authenticated users via RADIUS?

Thanks
 Hauke
-- 
Dipl.-Phys. Hauke Krull  
NetUSE AG
Dr.-Hell-Straße, D-24107 Kiel, Germany
Fon: +49 431 2390 400  --  Fax: +49 431 2390 499


More information about the cisco-nsp mailing list