I have just stood up an ASA 5520 on one of my companies internal networks. The idea is to have it sit in front of an internal proxy server that directs traffic to other internal networks. The networks the proxy allows access to are restricted so therefore I need to set up authentication via our companies LDAP on the ASA. The ASA also needs to foreward all traffic it recieves directly to this proxy once authenticated. Is this a solution the ASA can handle? If so, what route should I take to getting it all set up?
I think the best solution here is to enable authentication on the proxy itself. Regarding the ASA there's an option to use cut-through proxy (CTP) feature with LDAP authentication.
We already have that in place. There has been some recent interest in upgrading security though and I would definilty prefer it to happen on the ASA. Also, if i were to have the ASA in front of the proxy, would I have to point my browers proxy settings to the ASA or the proxy itself?
They should pe pointed to the proxy, ASA will just intercept the traffic for authentication. After authentication the traffic will flow through it to the proxy.