Hi, we have ASA 5520 as SSL VPN concentrator so users can access internal web from outside. Our internal web also has several internet URL. What we want is when user click internet URL in our internal web, ASA forward those request to internal proxy server. I already config proxy using port 8080 and username "company\user" and password, but always have authentication failed on ssl vpn browser. We uses forefront TMG as proxy. Username and password have right to access Internet.
I think, using http-proxy option ASA can only use basic authentication (clear text). Since TMG authentication set to NTLM, so it failed. When I try with CCProxy, ASA can authenticate dan get internet connection. So we allow ASA ip address without authentication on TMG. It's little bit strange because ASA support NTLM authentication when use sso.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...