Solved: Re: A Simple Question about Cut Through Proxy

tdhb..hiq · ‎01-23-2011

Hi All,

We are looking at using Cut Through Proxy authentication, but I have a question about shared computers, ie Citrix. How does the firewall open up access once the user is authenticated? Is it by host MAC address, in which case would open up the Citrix server to have the same access as the user which authenticated.

If anyone can shed some light on this it would be appreciatd.

Scott

mirober2 · ‎01-24-2011

Hi Scott,

The cut through proxy feature creates an authenticated session between the source IP address and the authenticated username. Therefore, if one user logs in to the Citrix server and successfully authenticates, all connections from that server's IP address will be considered authenticated as well. You can see these sessions in the 'show uauth' output on the ASA.

Hope that helps.

-Mike

View solution in original post

mirober2 · ‎01-24-2011

Hi Scott,

The cut through proxy feature creates an authenticated session between the source IP address and the authenticated username. Therefore, if one user logs in to the Citrix server and successfully authenticates, all connections from that server's IP address will be considered authenticated as well. You can see these sessions in the 'show uauth' output on the ASA.

Hope that helps.

-Mike

tdhb..hiq · ‎01-24-2011

Thanks Mike.

I thought something like that would be the case, but I could not find in the Cisco docs.

Cheers

Scott