Using a PIX 525 with software 6.2 I am running into some issues with the PIX and how it authenticates HTTP access.
I have the PIX configured to authenticate against a Cisco Secure ACS server running on Windows NT which is setup to use an external Windows Domain for usernames. When User A opens a web browser and points to a URL, they are prompted for authentication. They successfully login and are browsing ok. If they close the browser and re-open, they are not prompted again for authentication. If they log out and log back in as another user, they are not prompted for authentication, in fact they are still using User A as the authenticated account. I have played with the uauth timers on the PIX but it just doesn't seem to be a good solution... We are also using Raptor 6.5, and with Raptor the browser sends the credentials every time and Raptor verifies that the user is logged in. When you close the browser, the browser no longer contains the cached credentials so when you hit the firewall, you are prompted for authentication. Therefore, you are only asked for authentication once per browser session. Can this be done with the PIX? Am I missing something? Cisco's implementation does not seem to be a good from what I have seen so far... Any help is greatly appreciated! __________________________________________________ Do You Yahoo!? Yahoo! Shopping - Mother's Day is May 12th! http://shopping.yahoo.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
