07-25-2012 08:50 PM - edited 03-11-2019 04:34 PM
Has anyone configured a Juniper to authorize users 'thru' a firewall?
Sent from Cisco Technical Support iPad App
Solved! Go to Solution.
07-26-2012 07:16 PM
Hi Bro
You're lucky I'm in a good mood today. Normally, I won't answer questions pertaining to non Cisco products, because I have less faith in them but I guess I'll answer your question.
Yes, Juniper Netscreen FW do have similar feature with Cisco Cut-Through Proxy. It's called WebAuth. For further details on this, please click on this URL http://kb.juniper.net/InfoCenter/index?page=content&id=KB4103
Here are some extra info for you :-)
a) Only FTP/Telnet/HTTP are supported if you want to have transparent interception.
OR
b) If you want to let all users to be authenticated first then the option is WebAuth in which user has to manually type in the WebAuth Server IP Address configured at NetScreen to authenticate themselves before they are granted access to any services
c) Only Local Database, RADIUS and LDAP authentication source are supported (No TACACS support as opposed to PIX/ASA)
P/S: if you think this comment is useful, please mark this question as answers and rate this comment nicely :-)
07-26-2012 10:34 AM
You should probably post your question on Juniper forum
07-26-2012 07:16 PM
Hi Bro
You're lucky I'm in a good mood today. Normally, I won't answer questions pertaining to non Cisco products, because I have less faith in them but I guess I'll answer your question.
Yes, Juniper Netscreen FW do have similar feature with Cisco Cut-Through Proxy. It's called WebAuth. For further details on this, please click on this URL http://kb.juniper.net/InfoCenter/index?page=content&id=KB4103
Here are some extra info for you :-)
a) Only FTP/Telnet/HTTP are supported if you want to have transparent interception.
OR
b) If you want to let all users to be authenticated first then the option is WebAuth in which user has to manually type in the WebAuth Server IP Address configured at NetScreen to authenticate themselves before they are granted access to any services
c) Only Local Database, RADIUS and LDAP authentication source are supported (No TACACS support as opposed to PIX/ASA)
P/S: if you think this comment is useful, please mark this question as answers and rate this comment nicely :-)
07-27-2012 04:28 AM
Thanks Ramraj! This is exactly what I was looking for. This is one of the projects I came into 'after' the equip was purchased.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide