Comprar o Renovar
Comprar o Renovar
cancelar
Activar sugerencias
La sugerencia automática le ayuda a obtener, de forma rápida, resultados precisos de su búsqueda al sugerirle posibles coincidencias mientras escribe.
Mostrando los resultados de 
Buscar en lugar de 
Quiere decir: 
cancel
Iniciar una conversación
4039
Visitas
0
ÚTIL
4
Respuestas

Is it possible to perform 'http to https' redirects from ASA ?

Ir a solución
Zubair.Sayed_2
Level 1
Level 1

‎11-02-2012 12:08 AM - editado ‎03-11-2019 05:17 PM

Hi all,

We recently had some penetration testing done on one of our servers (which has a public front end), and a major issue that was found is that users are able to authenticate without using HTTPS.

I know that we can configure http to https redirects on the server using IIS but we would like to try and get this redirected before the traffic gets to the server.

Browsing some past posts on the forum I found this:

"The ASA can only redirect HTTP/HTTPs traffic to a websense or secure computing smartfilter (owned by McAfee)."

Is it possible to redirect traffic at the ASA as we do not have a websense or smartfilter server in place?

Thanks

Z

Etiquetas:
0 Útil
1 SOLUCIÓN ACEPTADA

Soluciones aceptadas

Ir a solución
Jennifer Halim
Cisco Employee
Cisco Employee

el ‎11-02-2012 05:17 AM

No, unfortunately this is not supported feature on the ASA. You might want to perform the redirection on the server itself.

Also, in regards to the statement: "The ASA can only redirect HTTP/HTTPs traffic to a websense or secure computing smartfilter (owned by McAfee).", this is to actually redirect all HTTP/HTTPS traffic to an external URL filtering server to perform URL filtering, so it's not the redirect feature that you are after.

Ver la solución en mensaje original publicado

0 Útil
4 RESPUESTAS 4

Ir a solución
Jennifer Halim
Cisco Employee
Cisco Employee

el ‎11-02-2012 05:17 AM

No, unfortunately this is not supported feature on the ASA. You might want to perform the redirection on the server itself.

Also, in regards to the statement: "The ASA can only redirect HTTP/HTTPs traffic to a websense or secure computing smartfilter (owned by McAfee).", this is to actually redirect all HTTP/HTTPS traffic to an external URL filtering server to perform URL filtering, so it's not the redirect feature that you are after.

0 Útil

Ir a solución
Zubair.Sayed_2
Level 1
Level 1
En respuesta a Jennifer Halim

el ‎11-02-2012 06:15 AM

Jennifer,

Thank you for clearing this up.

Much appreciated.

Zubair

0 Útil

Ir a solución
david.tran
Level 4
Level 4
En respuesta a Zubair.Sayed_2

el ‎11-02-2012 06:40 AM

if you want to do something like this, get a real firewall like Checkpoint or Juniper

0 Útil

Ir a solución
Zubair.Sayed_2
Level 1
Level 1
En respuesta a david.tran

el ‎11-02-2012 07:54 AM

Nice one David,  

Strange though why Cisco has not built these features in the ASA's........

0 Útil
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card