I've to set up a firewall solution for a company which is using some terminal servers for their users.
What I'm concerned about is how PIX would handle internet connections coming from the same internal IP address ( whose of the terminal server ) .
I need the PIX to askk for authentication for outgoing HTTP connections , but all the user will be seen as coming from the same IP address. I wonder if the PIX would prompt for authentication only at the first user connection.
Also I'd like to know if anyone has set up , and how , the authentication using Microsoft's WIN2000 embedded RADIUS server .
The PIX caches authentication information based on source IP address unless you set the timeout value to zero. Doing so, will require your users to re-authenticate constantly. I dont understand your setup enough to know how all your users will be coming from the same IP address and if so, how the return packets will route to the respective user properly regardless. I would suggest talking to a Cisco SE to propose a solution for you.