Firewall Wizards: Re: Cisco ASA 5510 and proxy server detection

Re: Cisco ASA 5510 and proxy server detection

From: Aaron Smith <smitha_at_byui.edu>
Date: Thu, 09 Feb 2006 09:01:44 -0700

On Wed, 2006-02-08 at 14:03 -0500, nick leachman wrote:
> Aaron, I'm not fluent on the 5510 per se; but if you are
> authenticating to an external AAA server such as a RADIUS server you
> might be able to set up downloadable ACLs and tie them to the users
> who are to be denied Internet access.
>

Absolutely. Same idea, just applied to a subset of users. Requires a
AAA back-end instead of just a couple of ACLs on the ASA.

> The ACLs would permit traffic only to and from your internal network;
> so if they tried to head into the wild they'd get denied - period.
>

From my understanding of the original post, that's the behavior he
wanted for ALL hosts on the inside:

On Tue, 2006-02-07 at 06:05 -0800, John Madden wrote:
> Hi,
>
> Is there a way to NOT permit users from the inside to
> connect to a proxy server on the outside and bypassing
> the Web filtering software ?
>

________________________________________________________________________

@@ron Smith <smitha_at_byui.edu>
Network Operations
Brigham Young University Idaho

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Feb 09 2006
