Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Cisco Employee

PIX http Authentication & Terminal server

Hi ,

I've got a design question.

I've to set up a firewall solution for a company which is using some terminal servers for their users.

What I'm concerned about is how PIX would handle internet connections coming from the same internal IP address ( whose of the terminal server ) .

I need the PIX to askk for authentication for outgoing HTTP connections , but all the user will be seen as coming from the same IP address. I wonder if the PIX would prompt for authentication only at the first user connection.

Also I'd like to know if anyone has set up , and how , the authentication using Microsoft's WIN2000 embedded RADIUS server .

TIA

3 REPLIES
Community Member

Re: PIX http Authentication & Terminal server

The PIX caches authentication information based on source IP address unless you set the timeout value to zero. Doing so, will require your users to re-authenticate constantly. I don’t understand your setup enough to know how all your users will be coming from the same IP address and if so, how the return packets will route to the respective user properly regardless. I would suggest talking to a Cisco SE to propose a solution for you.

Cisco Employee

Re: PIX http Authentication & Terminal server

The users are working on a terminal server. Which means that it all the users share the same server tough the same IP

Community Member

Re: PIX http Authentication & Terminal server

I hate to say it, but you will probably need to front-end your pix with a proxy server and point your IE app on your terminal servers to the proxy for authentication.

110
Views
0
Helpful
3
Replies
CreatePlease to create content