Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

SSL VPN http-proxy TMG authentication failed

Hi, we have ASA 5520 as SSL VPN concentrator so users can access internal web from outside. Our internal web also has several internet URL. What we want is when user click internet URL in our internal web, ASA forward those request to internal proxy server. I already config proxy using port 8080 and username "company\user" and password, but always have authentication failed on ssl vpn browser. We uses forefront TMG as proxy. Username and password have right to access Internet.

Everyone's tags (2)
2 REPLIES
Community Member

SSL VPN http-proxy TMG authentication failed

I had the same issue when trying to use Cisco SSL VPN through the TMG proxy server. We resolved it by allowing anonymous access on HTTPS to the external IP.

Community Member

Re: SSL VPN http-proxy TMG authentication failed

I think, using http-proxy option ASA can only use basic authentication (clear text). Since TMG authentication set to NTLM, so it failed. When I try with CCProxy, ASA can authenticate dan get internet connection. So we allow ASA ip address without authentication on TMG. It's little bit strange because ASA support NTLM authentication when use sso.

Thx.

1966
Views
0
Helpful
2
Replies
CreatePlease to create content