Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
599
Views
0
Helpful
3
Replies

Cisco ASA Cut-Through Proxy Authentication with User Identity

giuseppe parlato
Level 1
Level 1

‎08-05-2015 04:31 AM - edited ‎03-11-2019 11:23 PM

Hello,

 

I'd like to implement Cut-Through Proxy LDAP Authentication with User Identity for pc that are not in AD domain. What about if those pc have ssh rules for example ? I guess it is not possible to intercept ssh traffic then open a listener http page to authenticate user.

Labels:
0 Helpful
3 Replies 3

Vibhor Amrodia
Cisco Employee
Cisco Employee

‎08-11-2015 07:11 AM

Hi,

So your query is that you would like Cut Thru Authentication to work for the users not in LDAP where LDAP is your AAA server ?

I don't think this should be possible as the user identity would not be known to the ASA device to apply the rules.

Thanks and Regards,

Vibhor Amrodia

0 Helpful

giuseppe parlato
Level 1
Level 1
In response to Vibhor Amrodia

‎08-12-2015 01:19 AM

No sorry let me clarify, I was just wondering if there is any other way to catch traffic other then http/https for cut-through proxy autentication. I suppose the answer is no.

0 Helpful

Vibhor Amrodia
Cisco Employee
Cisco Employee
In response to giuseppe parlato

‎08-12-2015 02:10 AM

Hi,

Actually you can.

You can refer this for more information:-

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113363-asa-cut-through-config-00.html

http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/70992-tacacs-radius-config.html

Thanks and Regards,

Vibhor Amrodia

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card