How do you get the reauthenticate URL to work on blocked message?
I constantly have problems with my Sony Vaio S series laptop and our IronPort S160. I am trying to download a bluetooth driver from Intel's website. Many times when I try to download or go to places that I have access according to the IT Admins policies, I get a blocked page (and only on the laptop). I tried the same URL in IE9 and also Google Chrome and both result in the same output:
See above where it starts with Base64Decode error? That is where the Re-authenticate User link is supposed to be. We are supposed to be able to click a re-authenticate link and get a pop up where we can put our domain credentials in to attach our credentials to our current IP address.
So 2 questions here really...
1. Why doesn't the reauthenticate link always work? I would say it shows up 1% of the time (so very rarely... but I have seen it).
2. I'm logged into Windows 7, joined to our domain on a laptop and a desktop. Why does the laptop aways see me as DOMAIN\computername@windows but the Ironport see's my desktop as DOMAIN\username@windows?
Both PC's are running Windows 7 Professional 64-bit, IE 9. The only difference is one is a Sony laptop with an Intel Adv-N 6230 wireless card and the Desktop is a custom built with an ASUS motherboard and Marvel GigE on board connection. Windows updates would be identical because our WSUS server approves our updates and we are configured via Group Policy to get those updates on a weekly basis.
There could be some issues with this traffic when going via the S160.
1. The user, DOMAIN\cpu00430$@Windows, is not supposed to be authenticated as computer name. I believe this is related to Windows NCSI traffic that is known to be available from Windows7 and Vista. You may need to create a separate identity in the S160 to allow this traffic. Please see the link to the KB, Article #1713: Traffic from Windows 7 / Vista clients shows workstation instead of user in the access logs Link: http://tools.cisco.com/squish/13383
2. Once the user has been authenticated properly, make sure that the driver file type is not blocked in the access policy.
The purpose of this document is to demonstrate how ISE authenticate / authorize a user that uses a smart card (PIN + Certificate) and password mechanism to login their system. This document describes the components used for this setup, configuration of IS...
For all versions of the Email Security Appliance (ESA) and Security Management Appliance (SMA), some Secure Sockets Link (SSL) certificates issued from the QuoVadis root certificate authority (CA) trust chain before 2021-03-31 cannot b...
Automation and programmability for networking and security are increasingly important topics. Every release since ISE 1.2 has included new REST API capabilities to better automate and integrate ISE with the rest of your network, appli...
The latest iteration (v2.3.4) of the Cisco Secure Firewall Migration Tool adds public beta support for S2S VPN migrations from ASA:
Policy-based (crypto map) Pre-Shared key authentication type VPN configuration to Firepower Management Center
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.
We make improvement...