Occassionally I have a need to isolate a group of servers behind a PIX506E. The Pix is cofigured to allow telnet (and ssh) sessions to the inside servers and the users then login using their individual server userids/passwords. I'd like to have the Pix intercept the telnet session and authenticate each user before they get to the server. In other words, the user would issue the telnet "server" command and get prompted either by TACACS or RADIUS for authentication and then allow the session to continue to the server where the user would then enter their userid/password. Is this even possible and if so what would the pix config look like? I don't want to use VPN clients beause I really don't want users to install anything additional on their systems and this is all on internal networks so I don't need the encryption.
Thank you!
Thank you!