Case Studies
So far we have seen how CBAC with ACL can filter the traffic based on the IP address and port numbers. This section looks into a feature of IOS Firewall called auth-proxy that allows you to control the traffic based on the user name. This feature allows security administrators to apply specific security policies on a per-user basis. Users are authenticated and authorized according to their profiles in a Terminal Access Controller Access Control System (TACACS+) or Remote Authentication Dial-In User Service) RADIUS server.