cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1384
Views
0
Helpful
2
Replies

Integrated Windows authentication fails through PIX

mikehc
Level 1
Level 1

I regularly connect to an external website which uses IIS's Integrated Windows authentication (aka NTLM). When connecting to this site via a modem and dial-up account, IE6 prompts for a username and password. But when using the LAN connection, via a PIX 501, there is no prompt for credentials and the server returns HTTP 401.2 immediately.

Interestingly, if I set up the website to listen on port 8001 (or whatever) as well as 80, then it works fine through the PIX as well as the dial-up.

Can anyone shed any light on this? Thanks.

2 Replies 2

gfullage
Cisco Employee
Cisco Employee

Are you doing user authentication on the PIX as well, so that a user has to authenticate to the PIX before being able to send outbound traffic? If so, see the "virtual http" command docs here:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/cmdref/tz.htm#1037665

No, I'm not doing any authentication on the PIX (as far as I'm aware) - I'm using it pretty much straight out of the box and there are no AAA commands in the configuration.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: