Authentication proxy is a feature that allows to force users to authenticate to the ASA before users are allowed access through the device
A cut-through proxy is a rule applied to an ASA that enables the ASA to, on behalf of another device, stop traffic as it's coming in, authenticate its originator
Configuration
username test password test
access-list AUTH-MATCH extended permit tcp any any eq https
access-list AUTH-MATCH extended permit tcp any any eq www
aaa authentication match AUTH-MATCH inside LOCAL
#show access-list
access-list AUTH-MATCH line 2 extended permit tcp any any eq www (hitcnt=4) 0x84bfd1a4
No comments:
Post a Comment