1. Home
  2. Networking
  3. Router firewall security

Summary

This chapter showed you the basics of lock-and-key ACLs. Lock-and-key is what I like to call the poor man's version of authentication proxy. Lock-and-key ACLs are used to authenticate a user, opening a temporary hole in your extended ACL filter to grant the user access to other resources. Lock-and-key can use a line password, a local database, or an AAA server to authenticate users, and can authenticate users as their connections either enter or leave the network (or both). Lock-and-key typically is used in a small network that needs to authenticate a specific type of access and when the perimeter router/firewall does not have the Cisco IOS Firewall feature set with authentication proxy installed.

Next is Chapter 14, "Authentication Proxy," which shows you the replacement to lock-and-key ACLs on a router.



    		Part I: Security Overview and Firewalls
    		Part II: Managing Access to Routers
    		Part III: Nonstateful Filtering Technologies
    		Part IV: Stateful and Advanced Filtering Technologies
    		Part V: Address Translation and Firewalls
    		Part VI: Managing Access Through Routers
    		Chapter 13. Lock-and-Key Access Lists
    		Lock-and-Key Overview
    		Lock-and-Key Configuration
    		Lock-and-Key Example
    		Summary
    		Chapter 14. Authentication Proxy
    		Chapter 15. Routing Protocol Protection
    		Part VII: Detecting and Preventing Attacks
    		Part VIII: Virtual Private Networks
    		Part IX: Case Study