Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
751
Views
0
Helpful
1
Replies

"authentication proxy" from PIX inside interface?????

kirkster
Level 3
Level 3

‎02-03-2005 09:18 AM - edited ‎02-21-2020 10:12 AM

Hi,

I have a customer with a Watchguard firewall. They have an interesting feature in that they can http (or https) to the inside interface address on port 4100. This throws a username/password applet back to the user. When authenticated (done locally on the watchguard) they can browse the web. This allows users to browse from any PC (so we don't have to worry about inside IP addresses) and bypass the websweeper http proxy. This is a very useful facility for authenticated users given access to this service - i.e. bosses !!!

Can I do anything similar to this on PIX515E? I was thinking of the virtual telnet/http service. Would it be possible to authenicate locally on the PIX? Could I also authenticate on a Windows Active directory instead of a Radius server? This is advanced stuff for me at the moment sicen I am a newbie to PIX so forgive me if this question is a bit previous.

Thanks for any suggestions or URL's

Regards, Steve

Labels:
0 Helpful
1 Reply 1

nkhawaja
Cisco Employee
Cisco Employee

‎02-03-2005 10:32 AM

you are thinking in the right direction. you can use virtual telnet/http (auth proxy), but you have to use some radius server . you cant directly connect to active directory. you can configure the radius server to talk to active directory.

0 Helpful
Customers Also Viewed These Support Documents