cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

5878
Views
0
Helpful
7
Replies
dflores83
Beginner

ASA Cut through proxy configuration

Hi guys,

I would like to configure limited internet access to olnly a select group of Windows AD users.

I beleive cut-through proxy will allow me to do this, just not sure how to configure it on a Cisco ASA-5510

thanks

7 REPLIES 7
Collin Clark
Advisor
Ivan Martinon
Rising star

The link given will definitely work however you would not be able to select access based on the AD group, if that is what you need to achieve and you have ASA version 8.0 you can work Cut-Through-Proxy together with DAP.

Using Cut-Trough-Proxy with a standard authentication server will only allow or reject depending on the authentication result, but any user within your AD schema will be able to get internet access. If you need to restrict this based o Windows Groups as well your best shot is Cut-Through-Proxy with DAP and LDAP:

http://www.cisco.com/en/US/products/ps6120/products_white_paper09186a00809fcf38.shtml

Hi Ivan,

could you please give any suggestion about usage cut-through-proxy and DAP with LDAP together ?

any function config or any document on web ?

link you specified was just about DAP and there is no specified how it is possible join cut-through-proxy and DAP.

Thanks a lot,

Vladimir

Hi Ivan,

We cannot access to the doc on the link.

Can you help us ?

Thanks in advance.

Its too late. But if someone else need to access it. Please try

http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/user/guide/vpn_dap.html

Jatin Katyal

~Jatin
Ravi Singh
Rising star

For configuration help on Cut through Proxy on ASA 5510 you can see the following config guide.

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_idfw.html#wp1324095

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube