Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3792
Views
0
Helpful
1
Replies

ASA web proxy?

jim_berlow
Level 3
Level 3

‎03-06-2009 08:41 AM - edited ‎02-21-2020 03:20 AM

Does anyone know if the ASA has a built in web proxy like competing products? Basically, I want to proxy all internal users and authenticate them against Active Directory. Based upon their group permissions, I want to be able to configure what kinds of websites they can gain access to.

If the product can't do this - will it at least allow me to authenticate users for access to the internet? Anything else I can configure to limit what access they have?

Thanks,

Jim

1 person had this problem
0 Helpful
1 Reply 1

Ivan Martinon
Level 7
Level 7

‎03-06-2009 10:02 AM

AFAIK the ASA will not work like that, however you might be able to configure it somehow like that.

Using DAP and cut-through proxy, you can choose a list of access-lists that will be pushed to the user based on their group membership after they authenticate.

Using LDAP as the authentication protocol and retrieving the LDAP attributes like memberOf you can use DAP to enforce this kind of network ACL where you can chose what remote destination will this user be able to reach, unfortunately this is not as granular as defining the NAMES of your sites rather your IP Addresses.

https://www.cisco.com/en/US/products/ps6120/products_white_paper09186a00809fcf38.shtml

http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/user/guide/vpn_dap.html

HTH

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card