Guidelines and limitations, Configuring authentication for network access, Information about authentication – Cisco ASA 5505 User Manual

Page 776: One-time authentication

Advertising
background image

38-2

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 38 Configuring AAA Rules for Network Access

Guidelines and Limitations

Guidelines and Limitations

This section includes the guidelines and limitations for this feature.

Context Mode Guidelines

Supported in single and multiple context mode.

Firewall Mode Guidelines

Supported in routed and transparent firewall mode.

IPv6 Guidelines

Supports IPv6.

Configuring Authentication for Network Access

This section includes the following topics:

Information About Authentication, page 38-2

Configuring Network Access Authentication, page 38-4

Enabling Secure Authentication of Web Clients, page 38-6

Authenticating Directly with the ASA, page 38-7

Information About Authentication

The ASA lets you configure network access authentication using AAA servers. This section includes the
following topics:

One-Time Authentication, page 38-2

Applications Required to Receive an Authentication Challenge, page 38-2

ASA Authentication Prompts, page 38-3

Static PAT and HTTP, page 38-4

One-Time Authentication

A user at a given IP address only needs to authenticate one time for all rules and types, until the
authentication session expires. (See the timeout uauth command in the command reference for timeout
values.) For example, if you configure the ASA to authenticate Telnet and FTP, and a user first
successfully authenticates for Telnet, then as long as the authentication session exists, the user does not
also have to authenticate for FTP.

Applications Required to Receive an Authentication Challenge

Although you can configure the ASA to require authentication for network access to any protocol or
service, users can authenticate directly with HTTP, HTTPS, Telnet, or FTP only. A user must first
authenticate with one of these services before the ASA allows other traffic requiring authentication.

The authentication ports that the ASA supports for AAA are fixed as follows:

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals