[c-nsp] Is there any Cisco router that can..

Matthew Crocker matthew at crocker.com
Mon Feb 13 08:16:12 EST 2006

Could you create different virtual firewalls with different policies  
in your firewall?  If so,  can you then attach them to different  
VLANs and have your NAS connect the customer to the correct VLAN/ 
VRF.  That way you won't know the user ID but you should know their  


On Feb 13, 2006, at 1:16 AM, Mohsen A. Momeni wrote:

>> Hi,
>>> use "aaa accounting delay-start", and the NAS will delay the
>>> accounting-start record for PPP sessions until the remote IP address
>>> is known..
> I searched more about my problem and I found out that the solution may
> be a function of router, so let me tell you my problem:
> I have configured a cisco router (NAS) to authenticate dialup users
> through a RADIUS server. After authentiucation, the traffic is passed
> to a firewall for traffic control. Now I need to authenticate the
> users (For applying account policies) in firewall but not for the
> second time. Can the router be configured to work with the firewall to
> provide this functionality?
> Regards,
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

Matthew S. Crocker
Vice President
Crocker Communications, Inc.
Internet Division
PO BOX 710
Greenfield, MA 01302-0710

More information about the cisco-nsp mailing list