*** Update ***

SHABEEB KUNHIPOCKER · ‎12-13-2015

Hello All,

I am implementing a pair of virtual WSAs with transparent redirection from ASA. Active directory is integrated with the WSAs for user authentication. Today I noticed that even if a user enters his credentials once , the WSA asks for credentials for the second time and the user has to enter his credentials again. Meaning the authentication prompt comes two times and after that everything goes fine. There is a small difference between the first authentication prompt and the second authentication prompt. I have attached the screenshot for reference. Did anyone experience this issue before?. Please help me to fix this issue ASAP.

Thanks in advance

shabeeb

Ken Stieers · ‎12-13-2015

You're being forced through both WSAs because the redirect ACL on WCCP doesn't have denies for the WSAs...

SHABEEB KUNHIPOCKER · ‎12-13-2015

Hello Ken,

Thanks for the reply. I have the deny statements in the WCCP access-list. I checked and I am using load balancing based on client IP in the WSA. May be in the screen shots you will find two different WSAs, but actually a the same WSA is asking for authentication twice.

Thanks and Regards

Shabeeb

SHABEEB KUNHIPOCKER · ‎12-14-2015

*** Update ***

Previously I was using the option ' basic or ntlm or kerberos authentication' in the identification profile. Yesterday I set the identification profile to use only ntlm and tried to authenticate through different browsers. Both chrome and firefox did not let me authenticate at all. But internet explorer authenticated me as expected. Please let me know if anyone had these issues.

Thanks and Regards

Multiple Authentication prompts in Cisco WSA deployed as transparent proxy