Date: Mon, 29 Jun 1998 10:04:56 -0500 From: Edwin Culp <eculp@webwizard.org.mx> To: Evren Yurtesen <yurtesen@ispro.net.tr> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: cisco Message-ID: <3597AD18.4269525F@webwizard.org.mx> References: <Pine.BSF.3.96.980629170458.1562A-100000@finland.ispro.net.tr>
next in thread | previous in thread | raw e-mail | index | archive | help
Evren Yurtesen wrote: > > the problem is I just do not want my dialup user to not to be able > to use port 80, I do not want people on my local network to not to > be able to use port 80 too! > how may I do it? That is why I suggested tacacs. First you create your acl's on your cisco, but you don't apply them. You build and install tacas and configure it according to the manual I referenced before. You then apply the acl's on a user and/or group basis. some maybe helpful Reference material http://www.cisco.com/cpropub/univercd/data/doc/software/11_1/rfun/lrsysmgt.htm http://www.cisco.com/warp/public/701/31.html http://www.cisco.com/warp/public/76/7.html The most important is the file users_guide that comes in the tac_plus source directory. probecho ed > > +--------------------------------------------------------+ > | Name : Evren Yurtesen - yurtesen@ispro.net.tr | > | S-mail: Mithatpasa Cad. No:1079/13 35290 Guzelyali | > | Home:+90-232-2857604 Work:+90-232-2463992 Izmir/TURKEY | > +--------------------------------------------------------+ > > On Mon, 29 Jun 1998, Edwin Culp wrote: > > > Evren Yurtesen wrote: > > > > > > hello > > > this is not exactly related to freebsd, sorry but... :) > > > well I want to restrict my users to use port 80 to surf on the net, > > > instead I want them to use my proxy server at port 8080. > > > because I have limited bandwidth, also I just want to close port 80 > > > for my users, the other people should be able on the outside should > > > be able to connect my proxy server. > > > > > > also I want to do the reverse action to my un*x machines... > > > I do not want other people who are not belonging to my domanin > > > to be able to make telnet to my machines, but I want the people here > > > to be able to make telnet to their accounts outside... > > > > > > how may I do this? > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-isp" in the body of the message > > > > tacacs permits per user acl's for cisco, in addition to accounting. > > There is a port > > /usr/ports/net/tac_plus in the work/tac* directory there > > should be a pretty good tutorial type manual. > > > > provecho, > > > > ed > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3597AD18.4269525F>