Using Network Address Translation, we use (1) outside ip address for multiple internal website logins. That is, the first site would be xxx.xxx.xxx:81 and the second might be xxx.xxx.xxx:82 etc.
We're planning on using the Cisco ASA's native RSA authentication to protect (1) of these internal websites, and have successfully configured the AAA Server (the RSA box) in the SDI Server Group. However, when trying to come up with a AAA Server Rule, the Destination won't let me specify both the ip address and port I'd like to protect, only the ip address. So, I can protect everything on that outside ip address, but not the specific internal web server that the user request gets natted to.
Specific Setup: Cisco ASA 5510 Adaptive Security Appliance, Software Version 8.2(1)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...