Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
399
Views
0
Helpful
1
Replies

AAA Authentication on ASA 5500

Go to solution
jimmyc_2
Level 1
Level 1

‎10-30-2013 06:58 AM - edited ‎03-11-2019 07:58 PM

  I set up AAA authentication for traffic going through my firewall.   That causes the PINGs to be denied.   I assume that is by design.   What protocols would cause a prompt to display so the originator could traverse the FW?   I'm not sure how AAA functions in this regard.

Thanks.                

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎10-30-2013 07:15 AM

Hello Jimmy,

When you talk about traffic going through your firewall are u referring to Cut-through Proxy??

If U use Cut-Through Proxy u will get a promtp for traffic such as telnet, HTTP,HTTPS and FTP.

If u want to authenticate other traffic u should use virtual-telnet, virtual HTTP or HTTP redirect.

Here are some blogs posts on my website talking about this:

http://www.laguiadelnetworking.com/asa-http-redirect/

http://www.laguiadelnetworking.com/asa-virtual-http-and-virtual-telnet/

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎10-30-2013 07:15 AM

Hello Jimmy,

When you talk about traffic going through your firewall are u referring to Cut-through Proxy??

If U use Cut-Through Proxy u will get a promtp for traffic such as telnet, HTTP,HTTPS and FTP.

If u want to authenticate other traffic u should use virtual-telnet, virtual HTTP or HTTP redirect.

Here are some blogs posts on my website talking about this:

http://www.laguiadelnetworking.com/asa-http-redirect/

http://www.laguiadelnetworking.com/asa-virtual-http-and-virtual-telnet/

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card