Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Pix, ACS, and Citrix Users

I have a Cisco pix that is authenticating outbound users via Cisco Secure ACS. The problem is with Citrix users. When one user logs into the Citrix server and starts Internet Explorer, he gets an authentication window. He puts in a username, password, etc., and gets through fine. Subsequent users do not get an authentication window -- they just go straight through. My guess is that the Pix does not differentiate different sessions but instead sees them all coming from the Citrix server and does not bother authenticating different sessions. My questions are: is my thinking correct, is this behavior expected, and is there anything I can do about it? Ideally, I would like to get every Citrix user to authenticate, but I don't think it's possible in this environment.

Thanks for any input!!

1 REPLY
Cisco Employee

Re: Pix, ACS, and Citrix Users

Try implementing VIRTUAL TELNET on the pix. This way, you can force the users to telnet to the virtual IP configured on the pix to authenticate first, and then browse port 80.

http://www.cisco.com/warp/public/110/atp52.html#telnet

HTH

R/Yusuf

227
Views
0
Helpful
1
Replies