cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
525
Views
5
Helpful
4
Replies

2921 and windows authentication

Chris Coho
Level 1
Level 1

Hello,

     We are in the process of switching our infrastructure of our routing/firewalls/vpns over to cisco.  We are switching our first location and one of the issues I'm struggling with is windows authentication pass-through for internally hosted web pages.  Meaning, user inside our network has the 2921 as their default gateway, they try to access a web page that is hosted on the internal network but is secured with windows authentication.  In the past, because they are logged into the domain internally, the website authenticates and loads.  After switching to the Cisco, it asks for a password even though they are logged in.

     Because its the web server that actually authenticates I'm not sure why the router isn't allowing that to happen, but I can't think of anything else that could be causing this behavior.  Has anyone else dealt with this and if so what did you do to resolve it?

Thanks.

4 Replies 4

Chris Coho
Level 1
Level 1

I have more information, and it may no longer be a cisco question (if someone has insight I will still accept it thought!)

It appears the problem is occurring because the browsers (doesn't matter which browser I use) are no longer recognizing internal domains as local intranet sites automatically (if I manually enter the local domain as local intranet all is well).  This worked through ISA but not through the 2921... is there anything that can be done to fix that so i don't need to set that up manually on every machine in the organization?

Again sorry, if this has diverged and is somewhat off topic now.

Chris Coho wrote:

I have more information, and it may no longer be a cisco question (if someone has insight I will still accept it thought!)

It appears the problem is occurring because the browsers (doesn't matter which browser I use) are no longer recognizing internal domains as local intranet sites automatically (if I manually enter the local domain as local intranet all is well).  This worked through ISA but not through the 2921... is there anything that can be done to fix that so i don't need to set that up manually on every machine in the organization?

Again sorry, if this has diverged and is somewhat off topic now.


Hello Chris,

Seems to be you have lost single sign n functionality ...check withIE explore setting under securty tab ..goto custom level and check for user authentication tab.. that should give you the answer for your query ...

Hope to help !!

Ganeshh Iyer

Rate if it Helps ...

Ganeshh, Thank you for your response.  What I ended up doing was setting a group policy to push out our local domains into the local intranet zone of the browsers, and that seems to have solved it.

Thanks!

Chris Coho wrote:

Ganeshh, Thank you for your response.  What I ended up doing was setting a group policy to push out our local domains into the local intranet zone of the browsers, and that seems to have solved it.

Thanks!

That Great Chirs ...Your problem solved !!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: