Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
4103
Views
0
Helpful
4
Replies

Is it possible to perform 'http to https' redirects from ASA ?

Go to solution
Zubair.Sayed_2
Level 1
Level 1

‎11-02-2012 12:08 AM - edited ‎03-11-2019 05:17 PM

Hi all,

We recently had some penetration testing done on one of our servers (which has a public front end), and a major issue that was found is that users are able to authenticate without using HTTPS.

I know that we can configure http to https redirects on the server using IIS but we would like to try and get this redirected before the traffic gets to the server.

Browsing some past posts on the forum I found this:

"The ASA can only redirect HTTP/HTTPs traffic to a websense or secure computing smartfilter (owned by McAfee)."

Is it possible to redirect traffic at the ASA as we do not have a websense or smartfilter server in place?

Thanks

Z

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎11-02-2012 05:17 AM

No, unfortunately this is not supported feature on the ASA. You might want to perform the redirection on the server itself.

Also, in regards to the statement: "The ASA can only redirect HTTP/HTTPs traffic to a websense or secure computing smartfilter (owned by McAfee).", this is to actually redirect all HTTP/HTTPS traffic to an external URL filtering server to perform URL filtering, so it's not the redirect feature that you are after.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎11-02-2012 05:17 AM

No, unfortunately this is not supported feature on the ASA. You might want to perform the redirection on the server itself.

Also, in regards to the statement: "The ASA can only redirect HTTP/HTTPs traffic to a websense or secure computing smartfilter (owned by McAfee).", this is to actually redirect all HTTP/HTTPS traffic to an external URL filtering server to perform URL filtering, so it's not the redirect feature that you are after.

0 Helpful

Go to solution
Zubair.Sayed_2
Level 1
Level 1
In response to Jennifer Halim

‎11-02-2012 06:15 AM

Jennifer,

Thank you for clearing this up.

Much appreciated.

Zubair

0 Helpful

Go to solution
david.tran
Level 4
Level 4
In response to Zubair.Sayed_2

‎11-02-2012 06:40 AM

if you want to do something like this, get a real firewall like Checkpoint or Juniper

0 Helpful

Go to solution
Zubair.Sayed_2
Level 1
Level 1
In response to david.tran

‎11-02-2012 07:54 AM

Nice one David,  

Strange though why Cisco has not built these features in the ASA's........

0 Helpful
Review Cisco Networking for a $25 gift card
li.common.scroll-to.top