Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA5505 - Http & Telnet Autentication

Hello All,

I have managed to get my ASA5505 to authenticate IPs for cut though proxy using Telnet and it works great.

However I want to use only Telnet for authentication and if a user has not yet authenticated and then opens a browser session they are greeted with a login screen. Is it possible to switch this feature off?


New Member

Re: ASA5505 - Http & Telnet Autentication

You can allow only telnet traffic using cut through feature.

New Member

Re: ASA5505 - Http & Telnet Autentication

Not true Nomair_83.

You can use cut-though for any protocol but only Http(s), Telnet and FTP as authentication methods.

"access-list auth_users extended permit ip any any

aaa authentication match auth_users inside LOCAL"

Above is an extract from my config, users on the inside can not access outside unless they authenticate.

I want to know if I can switch off HTTP authentication.

New Member

Re: ASA5505 - Http & Telnet Autentication

My friend,

Thats what I meant, just allow telnet traffic in access-list rather then permit ip any any.

access-list auth-users extended permit tcp any any eq 23

New Member

Re: ASA5505 - Http & Telnet Autentication

If I do that the user will not be able to access the internet.

I want users to authenticate using telnet then be able to access Http.

I don't want them opening a browser and be prompted with the authentication prompt.

(I have a 3rd party application that will use telnet to authenticate the user transparently first.)