Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Clientless SSL VPN
Understanding How KCD Works
Note: Steps 1 to 3 comprise protocol transition. After these steps, any user who authenticates to
the ASA using a non-Kerberos authentication protocol is transparently authenticated to the key
distribution center using Kerberos.
4. The ASA requests a service ticket from the key distribution center for the specific service that the
user wants to access.
5. The key distribution center returns a service ticket for the specific service to the ASA.
6. The ASA uses the service ticket to request access to the web service.
7. The web server authenticates the Kerberos service ticket and grants access to the service. If
authentication fails, the appropriate error message is displayed and must be acknowledged. If the
Kerberos authentication fails, the expected behavior is to fall back to basic
authentication.
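The following Python sketch is an added example, not code from the Cisco guide. It is a simplified model of steps 4 to 7 and the fallback, not real Kerberos: the service names, keys, the gateway name asa-gw and the delegation list are constructed, and treating every failure in steps 4 to 7 as a Kerberos authentication failure is an assumption of the model.

```python
import hashlib, hmac, json, time

# Constructed data: hypothetical service keys and delegation list (not real Kerberos).
SERVICE_KEYS = {"HTTP/owa.example.test": b"k-owa", "HTTP/hr.example.test": b"k-hr"}
# Assumption: the KDC only lets the gateway delegate to services listed here.
ALLOWED_TO_DELEGATE = {"asa-gw": {"HTTP/owa.example.test"}}

def _mac(key, body):
    # Integrity seal over the ticket body, keyed with the target service's key.
    raw = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, raw, hashlib.sha256).hexdigest()

def kdc_issue_service_ticket(gateway, user, spn, now=None, lifetime=600):
    """Steps 4-5: the gateway requests a ticket for `spn` on the user's behalf."""
    if spn not in ALLOWED_TO_DELEGATE.get(gateway, set()):
        return None  # KDC refuses: service is outside the delegation list
    now = time.time() if now is None else now
    body = {"user": user, "spn": spn, "via": gateway, "exp": now + lifetime}
    return {"body": body, "mac": _mac(SERVICE_KEYS[spn], body)}

def web_server_accepts(spn, ticket, now=None):
    """Step 7: the service checks the ticket with its own long-term key."""
    if ticket is None:
        return False
    now = time.time() if now is None else now
    body = ticket["body"]
    sealed_ok = hmac.compare_digest(_mac(SERVICE_KEYS[spn], body), ticket["mac"])
    return sealed_ok and body["spn"] == spn and body["exp"] > now

def gateway_access(gateway, user, spn, now=None):
    """Steps 4-7, then the fallback described in step 7."""
    ticket = kdc_issue_service_ticket(gateway, user, spn, now)  # steps 4-5
    if web_server_accepts(spn, ticket, now):                    # steps 6-7
        return "kerberos"
    # Assumption: any failure in steps 4-7 counts as a Kerberos failure.
    return "basic-fallback"

if __name__ == "__main__":
    for spn in SERVICE_KEYS:
        print(spn, "->", gateway_access("asa-gw", "alice", spn))
```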
Before Configuring KCD
To configure the ASA for cross-realm authentication, you must use the following commands: