cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


120
Views
0
Helpful
1
Replies
Highlighted
Beginner

AAA Authentication on ASA 5500

  I set up AAA authentication for traffic going through my firewall.   That causes the PINGs to be denied.   I assume that is by design.   What protocols would cause a prompt to display so the originator could traverse the FW?   I'm not sure how AAA functions in this regard.

Thanks.                

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions

AAA Authentication on ASA 5500

Hello Jimmy,

When you talk about traffic going through your firewall are u referring to Cut-through Proxy??

If U use Cut-Through Proxy u will get a promtp for traffic such as telnet, HTTP,HTTPS and FTP.

If u want to authenticate other traffic u should use virtual-telnet, virtual HTTP or HTTP redirect.

Here are some blogs posts on my website talking about this:

http://www.laguiadelnetworking.com/asa-http-redirect/

http://www.laguiadelnetworking.com/asa-virtual-http-and-virtual-telnet/

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
1 REPLY 1

AAA Authentication on ASA 5500

Hello Jimmy,

When you talk about traffic going through your firewall are u referring to Cut-through Proxy??

If U use Cut-Through Proxy u will get a promtp for traffic such as telnet, HTTP,HTTPS and FTP.

If u want to authenticate other traffic u should use virtual-telnet, virtual HTTP or HTTP redirect.

Here are some blogs posts on my website talking about this:

http://www.laguiadelnetworking.com/asa-http-redirect/

http://www.laguiadelnetworking.com/asa-virtual-http-and-virtual-telnet/

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC