04-09-2008 12:09 AM - edited 03-11-2019 05:28 AM
Hello
We have a FWSM in use with some 3.1.x software on it. The clients are authenticated via http AAA login box.
We would love to switch to https instead of http.
My tests have shown now that the https URL is always the one the client typed in into his browser. This produces an "invalid certificate" message on his browser. This is something which we can't use, so I try to get a signed certificate on the FWSM.
The problem now is, this URL is random and won't be changed to the hostname of the FWSM. Is it possible to change that behaviour?
Something like:
- client opens http(s)://www.test.com
- client gets redirected to https://fwsm.domain.com and gets no invalid certificate message (because fwsm.domain.com has a valid certificate)
- after valid authentification gets back to http(s)://www.test.com
Is that somehow possible?
Thanks,
Patrick
04-15-2008 05:04 AM
You can prevent unauthorized users from reconfiguring your switch and viewing configuration information. Typically, you want network administrators to have access to your switch while you restrict access to users who dial from outside the network through an asynchronous port, connect from outside the network through a serial port, or connect through a terminal or workstation from within the local network
04-15-2008 07:16 AM
That's absolutely not what I need.
Please read my post again.
We do client authentication through tacacs over http on the FWSM.
After the client is successfully authenticated, he gets an xlate in the FWSM and is allowed to use the network.
We'd like to switch that authentication now to https.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: