×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

transparent user authentication verification

Unanswered Question
Dec 4th, 2013
User Badges:

folks


following authentication problems we've implemented two cda servers to use for transparent user authentication   


i've configured the existing ntlm domain to use the cda servers and allowed the radius traffic through my firewall     


i've created an identity to identify users in the ntlm realm transparently and to force auth if that fails


i've created an access policy which calls the identity above but when i test this its not working


i can get intranet and internet access but if i clear the authcache and then try to access a https site if fails and doesn't prompt for authentication


does anyone know how i can verify the wsa is using the transparent auth and why i don't get a prompt for the https site


thanksd to anyone taking the time to reply       

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Tommy Foucha Fri, 12/06/2013 - 09:07
User Badges:
  • Cisco Employee,

You can set the auth log to a highly logging level using the logconfig command and then tail the log while surfing. Also you can add the variable %m to the accesslog and it will add the authenticaiton method to the accesslog.


386349299.719 976 192.168.2.101 TCP_MISS/200 93399 GET http://www.yahoo.com/ "SSALAB\xxxxxx@SSALAB" DIRECT/www.yahoo.com text/html DEFAULT_CASE_12-SSALABXPMachinePol-SSALXPMachine-NONE-NONE-NONE-DefaultGroup - 206.190.36.45 "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)" NTLMSSP

Actions

This Discussion