From: Andre Teku (andre.teku@csosa.gov)
Date: Mon Jan 13 2003 - 18:21:46 GMT-3
Lock-and-key security-
Create a dynamic access-list that first permits "telnet" to the incoming
interface of R8. Then add a second dynamic entry that permit HTTP.
Example
access-list 102 permit tcp BB3.net host x.y.z.t eq telnet
access-list 102 dynamic testlist timeout 5 permit tcp any x.y.z.t eq http
!
interface XXX
ip address k.l.m.n 0.0.0.255
ip access-group 102 in
!
!
line VTY 0 4
autocommand access-enable timeout 5
password cisco
Andre
-----Original Message-----
From: Sam.MicroGate@usa.telekom.de [mailto:Sam.MicroGate@usa.telekom.de]
Sent: Monday, January 13, 2003 4:16 PM
To: andre.teku@csosa.gov
Subject: RE: Conditional Access
Thanks body..
Sam
-----Original Message-----
From: Andre Teku [mailto:andre.teku@csosa.gov]
Sent: Monday, January 13, 2003 4:11 PM
To: 'Sam.MicroGate@usa.telekom.de'
Cc: 'ccielab@groupstudy.com'
Subject: RE: Conditional Access
Lock-and-key security-
Create a dynamic access-list that first permits "telnet" to the incoming
interface of R8. Then add a second dynamic entry that permit HTTP.
Example
access-list 102 permit tcp BB3.net host x.y.z.t eq telnet
access-list 102 dynamic testlist timeout 5 permit tcp any x.y.z.t eq http !
!
!
line VTY 0 4
autocommand access-enable timeout 5
password cisco
Andre
-----Original Message-----
From: Sam.MicroGate@usa.telekom.de [mailto:Sam.MicroGate@usa.telekom.de]
Sent: Monday, January 13, 2003 3:10 PM
To: ccielab@groupstudy.com
Subject: Conditional Access
Hello group,
I have this question from one of the online scenarios:
On R7, deny users from BB3 to access http server on R8 (R8 is configured as
http server) but when users from BB3 telnet to R8 and they are authnticated,
they can access the http server.
Thanks for your help.
Sam
.
This archive was generated by hypermail 2.1.4 : Sat Feb 01 2003 - 07:33:48 GMT-3