[c-nsp] NAT-Device with authentication ?
harbor235
harbor235 at gmail.com
Wed Dec 16 13:03:12 EST 2009
The cisco ASA proxy authentication would authenticate you prior to being
NAT'd, if that fails you are prevented from gaining external access. Thsi
can be accomplished for any application you wish. I am sure most if not all
enterprise class firewalls have this feature.
Mike
On Wed, Dec 16, 2009 at 9:59 AM, David Freedman <david.freedman at uk.clara.net
> wrote:
> did you look at VLAN segregation pre/post authentication with either
> 802.1x (integrated auth) or VMPS (external auth)?
>
> Dave.
>
> Andreas Mueller wrote:
> >
> > Hello,
> >
> > are there any (cisco)-NAT-devices which enable the NAT after the user
> > has done some kind of authentication - which is checked against a
> > radius-server or an active directory for example ? What I need is like a
> > captive portal connected to a NAT-device.
> > The scenario I try to have is: The user will get its IP-address from a
> > private IP-range via DHCP after connecting his computer to the network..
> > With this address he should be able to connect to services within his
> > internal network. But to connect to computers outside his network he
> > should authenticate himself.
> >
> > thanks for hints && greetings,
> >
> > Andreas
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list