Contents
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Order of NAT Commands Used to Match Real Addresses 17-13
Mapped Address Guidelines 17-13
DNS and NAT 17-14
Configuring NAT Control 17-15
Using Dynamic NAT and PAT 17-16
Dynamic NAT and PAT Implementation 17-16
Configuring Dynamic NAT or PAT 17-22
Using Static NAT 17-25
Using Static PAT 17-26
Bypassing NAT 17-28
Configuring Identity NAT 17-28
Configuring Static Identity NAT 17-29
Configuring NAT Exemption 17-31
NAT Examples 17-32
Overlapping Networks 17-33
Redirecting Ports 17-34
CHAPTER 18 Permitting or Denying Network Access 18-1
Inbound and Outbound Access List Overview 18-1
Applying an Access List to an Interface 18-4
CHAPTER 19 Applying AAA for Network Access 19-1
AAA Performance 19-1
Configuring Authentication for Network Access 19-1
Authentication Overview 19-2
One-Time Authentication 19-2
Applications Required to Receive an Authentication Challenge 19-2
Static PAT and HTTP 19-3
Authenticating Directly with the Security Appliance 19-3
Enabling Network Access Authentication 19-3
Enabling Secure Authentication of Web Clients 19-5
Configuring Authorization for Network Access 19-5
Configuring TACACS+ Authorization 19-5
Configuring RADIUS Authorization 19-7
Configuring a RADIUS Server to Send Downloadable Access Control Lists 19-7
Configuring a RADIUS Server to Download Per-User Access Control List Names 19-11
Configuring Accounting for Network Access 19-12
Using MAC Addresses to Exempt Traffic from Authentication and Authorization 19-13