I'm trying to configure a Cisco Pix 506E. I've added a static translation rule for IP. Then I've added an access rule to the inside network over one port I need to use. Everything is working Ok and I do connect through the Pix over such port. But, when I add an Authentication rule with the LOCAL server to make the Pix ask for a User Name and Password when accessing to a host in the inside network, the connection is not possible and I no user name and password is requiered ever.
I presume you are trying to use Cut-Through-Proxy feature on this pix, if this is the case is this a standard TCP port like HTTP, HTTPS or TELNET? These are the only ports that work with straight forward with the proper aaa setup. If you are using another service like RDP or so you would need to use Virtual configs like virtual telnet or virtual http check the link below:
Excuse me, may be I did not explain very well. What I want to do is to perform a Remote Desktop Connection from the Outside network to a specific hot in the inside network, and to specify who can access that host in that way in the LOCAL Pix database with user names and passwords. So, it happens that when I create the static translation rule and an access rule to give access on the Remote Desktop Port (3389), I do connect by Remote Desktop to the host in the inside network. But, when I add an Authentication Rule, I am not ever asked for the user name nor password and the connection is not possible any more. You told that this is not possible? I'm using PDM to configure the Pix.
You did explain well, this feature is called Cut-Through-Proxy, and it is supported straigh through for HTTP, HTTPS and TELNET, for services such as RDP (port 3389) you need to use either virtual telnet or virtual http to make it even prompt for authentication, please take a look at the link I sent you.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...