EasyManuals Logo

Cisco ASA 5540 User Manual

Cisco ASA 5540
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1831 background imageLoading...
Page #1831 background image
1-23
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Clientless SSL VPN
Using Single Sign-on with Clientless SSL VPN
• Subject Name format is uid=<user>
Configuring SSO with the HTTP Form Protocol
This section describes using the HTTP Form protocol for SSO. HTTP Form protocol is an approach to
SSO authentication that can also qualify as a AAA method. It provides a secure method for exchanging
authentication information between users of clientless SSL VPN and authenticating web servers. You
can use it in conjunction with other AAA servers such as RADIUS or LDAP servers.
Prerequisites
To configure SSO with the HTTP protocol correctly, you must have a thorough working knowledge of
authentication and HTTP protocol exchanges.
Restrictions
As a common protocol, it is applicable only when the following conditions are met for the web server
application used for authentication:
• The authentication cookie must be set for successful request and not set for unauthorized logons. In
this case, ASA cannot distinguish successful from failed authentication.
Detailed Steps
The ASA again serves as a proxy for users of clientless SSL VPN to an authenticating web server but,
in this case, it uses HTTP Form protocol and the POST method for requests. You must configure the ASA
to send and receive form data. Figure 1-4 illustrates the following SSO authentication steps:
Step 1 A user of clientless SSL VPN first enters a username and password to log into the clientless SSL VPN
server on the ASA.
Step 2 The clientless SSL VPN server acts as a proxy for the user and forwards the form data (username and
password) to an authenticating web server using a POST authentication request.
Step 3 If the authenticating web server approves the user data, it returns an authentication cookie to the
clientless SSL VPN server where it is stored on behalf of the user.
Step 4 The clientless SSL VPN server establishes a tunnel to the user.
Step 5 The user can now access other websites within the protected SSO environment without reentering a
username and password.

Table of Contents

Other manuals for Cisco ASA 5540

Preview: Configuration Guide
Configuration Guide1822 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5540 and is the answer not in the manual?

Cisco ASA 5540 Specifications

General IconGeneral
Firewall Throughput650 Mbps
Maximum Firewall Connections400, 000
VPN Throughput225 Mbps
Maximum VPN Peers5, 000
High AvailabilityActive/Active, Active/Standby
IPSec VPN Throughput225 Mbps
Memory1 GB
IPS Throughput225 Mbps
Security Contexts50
Flash Memory64 MB
Form Factor1U
Power SupplyDual
Interfaces4 x 10/100/1000 Ethernet

Related product manuals