×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ASA route and authenticate via LDAP to proxy

Unanswered Question
Jul 2nd, 2013
User Badges:

Hello,


I have just stood up an ASA 5520 on one of my companies internal networks. The idea is to have it sit in front of an internal proxy server that directs traffic to other internal networks. The networks the proxy allows access to are restricted so therefore I need to set up authentication via our companies LDAP on the ASA. The ASA also needs to foreward all traffic it recieves directly to this proxy once authenticated. Is this a solution the ASA can handle? If so, what route should I take to getting it all set up?


Thanks,


RC

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Andrew Phirsov Tue, 07/02/2013 - 05:50
User Badges:
  • Silver, 250 points or more

I think the best solution here is to enable authentication on the proxy itself. Regarding the ASA there's an option to use cut-through proxy (CTP) feature with LDAP authentication.

ryan.coakley93 Tue, 07/02/2013 - 05:54
User Badges:

We already have that in place. There has been some recent interest in upgrading security though and I would definilty prefer it to happen on the ASA. Also, if i were to have the ASA in front of the proxy, would I have to point my browers proxy settings to the ASA or the proxy itself?

Andrew Phirsov Tue, 07/02/2013 - 06:04
User Badges:
  • Silver, 250 points or more

They should pe pointed to the proxy, ASA will just intercept the traffic for authentication. After authentication the traffic will flow through it to the proxy.

Actions

This Discussion

Related Content