06-08-2006 08:52 AM
Hi!
I have a weird situation that I'd like to share to see if anyone can help me.
I have a CE510 doing caching and content filtering. The LAN users, when accessing the Internet, are authenticating using NTLM on a W2K Server (Active Directory).
The problem I have is that very often, randomly, MS IE asks for reauthentication, but I have a much longer reauthentication time configured on the CE510.
I've been working on this issue for a long time and, after doing some network sniffing, I found the CE510 and the W2K Server are also "speaking" the LDAP protocol.
Please take a look at the configuration below.
############
ACNS version 5.3.5
!
hostname CCE-510
!
http authentication cache timeout 1440
http authentication cache ttl 1440
http cache-cookies
http object max-size 1492
http avoid-multiple-auth-prompts
http proxy incoming 8000 8080 9090
http proxy outgoing origin-server
http max-ttl hours text 4 binary 8
!
ftp-over-http proxy incoming 8000 8080 9090
ftp-over-http max-ttl days directory-listing 4 file 8
ftp-over-http proxy active-mode enable
!
ip domain-name customer.com
!
no gui-server enable
!
https proxy incoming 8000 8080 9090
!
interface GigabitEthernet 1/0
shutdown
exit
!
interface GigabitEthernet 2/0
ip address 192.168.2.100 255.255.0.0
mtu 1453
exit
!
ip default-gateway 192.168.0.253
!
no auto-register enable
!
ip name-server 192.168.0.3
!
logging console enable
logging console priority debug
logging disk priority debug
logging disk filename /local1/syslog5.txt
!
no bypass load enable
!
wccp router-list 1 192.168.0.252 192.168.2.10
wccp port-list 1 8000 8080 9090
wccp web-cache router-list-num 1
wccp rtsp router-list-num 1
wccp dns router-list-num 1
wccp ftp-native router-list-num 1
wccp https-cache accept-all
wccp https-cache router-list-num 1
wccp service-number 90 router-list-num 1 port-list-num 1 application cache
wccp version 2
!
websense-server service policy local activate
websense-server service eim activate
websense-server service user activate
!
username admin password 1 <removed>
username admin privilege 15
username smartfilter password 1 <removed> uid 2001
username smartfilter privilege 15
!
ldap server base "dc=customer,dc=com"
ldap server userid-attribute cn
ldap server host 192.168.0.3 primary
ldap server host 192.168.0.4 secondary
ldap server administrative-dn "cn=Administrador,cn=users,dc=customer,dc=com"
ldap server administrative-passwd <removed>
ldap server version 3
!
ntlm server host 192.168.0.3
ntlm server host 192.168.0.1
ntlm server domain customer
ntlm server enable
!
authentication login local enable
authentication configuration local enable primary
!
access-lists 300 permit groupname customer\internet
access-lists 300 deny groupname any
access-lists enable
!
no url-filter http websense allowmode enable
url-filter http smartfilter enable
!
End
#################
I'd like some help on this.
06-14-2006 10:53 AM
You may be running into a bug here: CSCdy59217