For more – Cisco ASA 5505 User Manual
Page 782
38-8
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 38 Configuring AAA Rules for Network Access
Configuring Authentication for Network Access
Authenticating HTTP(S) Connections with a Virtual Server
If you enabled the redirection method of HTTP and HTTPS authentication in the
Access Authentication” section on page 38-4
, then you have also automatically enabled direct
authentication.
When you use HTTP authentication on the ASA (see the
“Configuring Network Access Authentication”
), the ASA uses basic HTTP authentication by default.
To continue to use basic HTTP authentication, and to enable direct authentication for HTTP and HTTPS,
enter the following command:
If the destination HTTP server requires authentication in addition to the ASA, then to authenticate
separately with the ASA (via a AAA server) and with the HTTP server, enter the following command:
Command
Purpose
aaa authentication listener http
[s] interface_name
[
port
portnum
]
redirect
Example:
hostname(config)# aaa authentication listener http
inside redirect
(Optional) Enables the redirection method of authentication
for HTTP or HTTPS connections.
The interface_name argument is the interface on which you
want to enable listening ports. The port portnum argument
specifies the port number on which the ASA listens; the
defaults are 80 (HTTP) and 443 (HTTPS).
You can use any port number and retain the same functionality,
but be sure your direct authentication users know the port
number; redirected traffic is sent to the correct port number
automatically, but direct authenticators must specify the port
number manually.
Enter this command separately for HTTP and for HTTPS.