cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
794
Views
0
Helpful
7
Replies

AAA Authentication Issue

singraj2001
Level 1
Level 1

Hi,

I have configured one inside interface and one outside interface of the ASA Firewall. If inside users want to access the Web server located in outside interface AAA LOCAL database has to authenticate. After done the configuration I try to authenticate and Its authenticating very first time. But next time onwards its not asking any authentication credential even I clear the cookies on the Browser and try with other Browser also, even though its directly entering the web page.

Please let me what could be the problem and what I needs to change. I attached the configuration file for your reference.

7 Replies 7

Hi,

You have set the timeout for uauth to 10 seconds.

Can you check when you attempt to connect again, if the user show as authenticated still?  ''sh uauth''

Federico.

Hi,

Yes, We have changed the timeout upto 10 seconds within the timeout put "show uauth" No users appear in the window.

Thanks

S.Rajkumar

singraj2001
Level 1
Level 1

Hi,

Yes, We have changed the timeout upto 10 seconds within the timeout put "show uauth" No users appear in the window.

Thanks

S.Rajkumar

How often do you want the ASA to prompt for authentication?

What happen if you set:

uauth timeout 00:00:01

Federico.

Hi,

Yes, I have changed the timeout upto 00:00:01 within the timeout put "show uauth" No users appear in the window.

ASA needs to authenticate per session basis and also every attempt to login.

Thanks

S.Rajkumar

I think that when you attempt an HTTP connection through the ASA, the ASA will prompt for authentication (if configured),
and allow the connection through.
But the ASA will not prompt for authentication again if the connection is still in the connection table of the ASA.
i.e
If you try to launch a different web page after succesfully authenticated, do you get prompted for credentials again?

Federico.

Thanks for your reply.

      1.    If I try to launch a different web page after succesfully authenticated, I did not get prompt for credentials again.    

2.     I have changed the Timeout for user authentication to 1 sec using the below command and clear the cookies from inside user system and also clear the uauth in ASA. Now I can able to see login prompt every attempt using same procedure at every time. But its not possible after implementing the setup do all the procedure every time.

            Is there any permanent solution for this ?

3.     Please let me know Is it AAA authentication will support for Remote Desktop Protocol ? Because I configured with 3389 port and try to login but it through the error message which I attached.

     Timeout uauth 0:0:1 absolute

Regards

S.Rajkumar

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: