Skip to main content

Authenticate access to internet

More
14 years 6 months ago #34398 by apit
hi..
Currently we are using 3 layer design using Cisco switches as below :

Core Switch :: 6500 series
Distribution Switch :: 3500 series
Access switch :: 2900 series
Radius :: Cisco ACE

We are planning to authenticate all user access to internet using wired or wireless access. Can it be done using the above hardware?

Tq
More
14 years 6 months ago #34411 by KiLLaBeE
Not saying that those devices can't do it, because I'm not familiar with all the features that their IOS offers, but most of the time authentication to the Internet is done by a proxy server. I'm guessing you want to use existing resources rather than go out and buy something new?
More
14 years 6 months ago #34420 by Nevins
Would port security work?


Useful Threads
================================
www.firewall.cx/forum/2-basic-concepts/3...e-resource-page.html
More
14 years 6 months ago #34421 by KiLLaBeE

Would port security work?


Hmm...interesting vid.

I don't believe so, port security will either cause a port to reject traffic or it'll let it pass, but it won't let the user choose what kind of traffic to pass through (i.e.: traffic destined internally vs traffic destined externally)
More
14 years 6 months ago #34422 by apit

Not saying that those devices can't do it, because I'm not familiar with all the features that their IOS offers, but most of the time authentication to the Internet is done by a proxy server. I'm guessing you want to use existing resources rather than go out and buy something new?


Yup...i would like to use existing devices. Anyone have use any Cisco solutions to resolve this kinda problem?
More
14 years 6 months ago #34427 by Nevins
I'm sorry but didn't you say:

authenticate all user access


The term authenticate means to make sure the user is who they say they are. In this case port security would only allow certain people to connect. The way your talking it seems more like your simply trying to block websites so users don't go onto unapproved websites.


So are you trying to authenticate user access or block users from websites?

In the cause that your trying to block users I highly recommend using www.opendns.com/ it's very easy to set up.


On the other hand if your trying to Authenticate user access try the port security.


To be honest I'm a bit confused on what you actually want so I'm going to also ask what is the goal of what your trying to do?

Useful Threads
================================
www.firewall.cx/forum/2-basic-concepts/3...e-resource-page.html
Time to create page: 0.154 seconds