
ASA Direct Authentication - HTTPS

malikyounas
Level 1

I have followed the guide at the link below to configure direct authentication on the ASA. The HTTP part of it works fine, but HTTPS doesn't.

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113363-asa-cut-through-config-00.html

As per the guide, the configuration is quite simple to achieve and works OK for HTTP. However, as soon as I replace HTTP with HTTPS, the web page shows a certificate error, which I ignore, but then it doesn't load anything afterwards and just keeps waiting. Any idea how to get it working?

interface Ethernet0
 nameif inside
 security-level 100
 ip address 20.20.20.2 255.255.255.252
!
interface Ethernet1
 nameif outside
 security-level 0
 ip address 10.10.10.55 255.255.255.0
!
access-list inside extended permit ip any any
access-list outside extended permit ip any any
access-list authmatch extended permit tcp any host 10.10.10.55 eq 5555
access-group inside in interface inside
access-group outside in interface outside
user-identity default-domain LOCAL
aaa authentication match authmatch outside LOCAL

aaa authentication listener http outside port 5555
http server enable
http 10.10.10.0 255.255.255.0 outside

1 Reply

flos.jiri
Level 1

Try adding this:

"aaa authentication listener https outside port 5555"
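A small audit script for the situation in this thread, added here as an example and not written by either poster: it reads an ASA configuration and reports, for every interface and port covered by an `aaa authentication match` ACL, which `aaa authentication listener` protocols are configured there. The function names and the trimmed sample configuration are constructed for illustration; the script only reports what is configured and does not predict how the ASA behaves.

```python
import re

# Constructed sample: the relevant lines of the configuration posted in the question.
POSTED = """\
access-list authmatch extended permit tcp any host 10.10.10.55 eq 5555
aaa authentication match authmatch outside LOCAL
aaa authentication listener http outside port 5555
"""
# The line suggested in the reply.
SUGGESTED = "aaa authentication listener https outside port 5555\n"

DEFAULT_PORT = {"http": 80, "https": 443}  # listener defaults when "port" is omitted

# Only numeric "eq <port>" TCP entries are handled; named ports (eq www) are skipped.
ACL_RE = re.compile(r"^access-list (\S+) extended permit tcp .* eq (\d+)\s*$")
MATCH_RE = re.compile(r"^aaa authentication match (\S+) (\S+) \S+\s*$")
LISTENER_RE = re.compile(
    r"^aaa authentication listener (https?) (\S+)(?: port (\d+))?(?: redirect)?\s*$")

def listener_coverage(config):
    """Map each (interface, port) covered by an 'aaa authentication match' ACL
    to the sorted list of listener protocols configured on it."""
    acl_ports, matches, listeners = {}, [], {}
    for raw in config.splitlines():
        line = raw.strip()
        if m := ACL_RE.match(line):
            acl_ports.setdefault(m.group(1), set()).add(int(m.group(2)))
        elif m := MATCH_RE.match(line):
            matches.append((m.group(1), m.group(2)))
        elif m := LISTENER_RE.match(line):
            proto, ifname, port = m.groups()
            port = int(port) if port else DEFAULT_PORT[proto]
            listeners.setdefault((ifname, port), set()).add(proto)
    return {(ifname, port): sorted(listeners.get((ifname, port), ()))
            for acl, ifname in matches
            for port in sorted(acl_ports.get(acl, ()))}

def missing(config, proto):
    """Interface/port pairs under authentication with no listener for proto."""
    return [key for key, protos in listener_coverage(config).items()
            if proto not in protos]

if __name__ == "__main__":
    for name, cfg in (("posted", POSTED), ("posted + reply", POSTED + SUGGESTED)):
        print(name, listener_coverage(cfg), "missing https:", missing(cfg, "https"))
```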
