Good Morning
I have to migrate firewall Checkpoint configuration to a Cisco ASA 5585X device.
Checkpoint has many "accept", "drop", "encrypt" rules. But I could find some rules with action "Client Auth".
By Client Auth rules, a user in an user group, when accessing a destination, returns a kind of portal to user device asking user for authentication. When user is authenticated (by a Cisco ACS for example), user device is allowed to access destinations presented on associated Checkpoint access rule.
How can I implement this in a similar way on firewall ASA?
I really don't know if "aaa authentication, etc" could perform this.
I think I have to:
- configure user groups (or search for user groups in a TACACS/ACS server)
- have a access rule to a destination conditioning access to a kind of aaa user authentication
Thanks and best regards
Christian