Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Can I authenticate to multiple ASA5510's at the same time?

All,

In my company we have several networks that are segregated from the overall corporate LAN  (2 in the US, 2 outside of the US).  These are physically seperate networks on seperate subnets, but all of the computers on the 4 networks are on the same global domain.  The networks use the corporate lan to pass data between them.

Each network has a single physical line in and out and each network has a firewall at the "front door".  This firewall is there to prompt for authentication from users trying to come in over our corporate VPN connection.  They have to provide domain credentials for our global domain.  Inside each of our networks there is also an authentication server that authenticates their domain credentials they provide.

Currently if a user want to access site A from VPN, they have to authenticate to site A's firewall.  If they then want to access site B they have to again authenticate to site B and so on.

My question is, is it possible to set it up so that a user can authenticate on thefirewall at site A and then be automatically allowed access to the other sites as well?  Somehow the firewall would need to communicate to the other firewalls that this IP address is OK?  Or does the authentication server need to be set up to contact all the firewalls?

Just wondering if this is possible or if the users just need to authenticate to each site.

1 REPLY
Cisco Employee

Can I authenticate to multiple ASA5510's at the same time?

I don't think there is any way to replicate the policies form one firewall to other until unless you do not configure HA. So at the end you have to authenticate the use again.

139
Views
0
Helpful
1
Replies
CreatePlease login to create content