I have downloaded a trial of CiscoSecure ACS 3.0 to use with my PIX 515e with a view to purchase. I like this a lot and will definately be buying but before I do I have a small problem.
I have setup up the Firewall to request access from the users to get to the Internet. This works great but if the user then goes to a secure web site which requests username and logon details, there seems to be a conflict between the PIX AAA and the Web Sites credentials. I think I have read about this somewhere but can not remember where.
There was some mention about a virtual http server I think but can not remember the details. Does anyone know of this problem and a way round it??
The virtual http command solves the problem of browser caching the authentication by first creating a http redirect from the initial ip address of the server (the pix still impersonates the server) to the address set within the virtual http command. When the browser is redirected to this address the pix will then prompt for the username and password. After authentication is successful, the browser is then redirected back to the original address. This way the browser will not associate the username and password used for the pix (and therefore ACS) with the username and password used by the server.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...