Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
OL-6392-01
Chapter 12 Configuring AAA
Configuring Authentication for Network Access
Enabling Secure Authentication of Web Clients
FWSM version 2.3 introduces a secured method of exchanging usernames and passwords between a web
client and an FWSM by using HTTP over SSL (HTTPS). HTTPS encrypts the username and password
and makes the transmission secure.
Previous versions of the FWSM, when authenticating a web browser using an AAA server, obtained the
username and password from the HTTP client in clear text.
Add the following keyword to the aaa command to enable this feature:
aaa authentication secure-http-client
The keyword secure-http-client enables this feature so that the username and password are exchanged
securely between HTTP clients and the FWSM.
To enable this feature, you must configure AAA authentication by using one of these formats:
aaa authentication http interface ...
aaa authentication tcp/0 interface ...
This feature supports authentication of clients accessing secure (HTTPS) websites by using this command:
aaa authentication https interface ...
aaa authentication tcp/0 interface ...
Note: Enabling aaa authentication secure-http-client is not required to authenticate HTTPS sessions.
After enabling this feature, when a user accesses a web page requiring authentication, the FWSM
displays the Authentication dialog box shown in Figure 12-7.
Figure 12-7 Secure Authentication Page
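As an added example (not from the Cisco guide), the Python check below flags HTTP or tcp/0 authentication rules in a saved configuration when aaa authentication secure-http-client is absent, which is the case where the username and password are obtained in clear text. The sample configuration is constructed, and the include keyword, interface names and server tag in it are assumptions about the full rule syntax that the guide abbreviates.

```python
import re

# Services whose authentication prompt is exchanged over plain HTTP unless
# secure-http-client is enabled (tcp/0 covers all TCP, so it includes HTTP).
CLEARTEXT_SERVICES = {"http", "tcp/0"}
AAA_RE = re.compile(r"^aaa\s+authentication\s+(.*)$", re.IGNORECASE)

# Constructed sample fragment; interface names and AuthGroup are made up.
SAMPLE_WEAK = """\
hostname fwsm-lab
aaa authentication include http inside 0 0 0 0 AuthGroup
aaa authentication include https inside 0 0 0 0 AuthGroup
aaa authentication include tcp/0 dmz 0 0 0 0 AuthGroup
"""
SAMPLE_FIXED = SAMPLE_WEAK + "aaa authentication secure-http-client\n"


def audit_web_auth(config_text):
    """Return (secure_enabled, findings); findings are (line, service, interface)."""
    secure_enabled = False
    rules = []
    for lineno, raw in enumerate(config_text.splitlines(), start=1):
        m = AAA_RE.match(raw.strip())  # "no aaa ..." lines do not match
        if not m:
            continue
        tokens = m.group(1).lower().split()
        if not tokens:
            continue
        if tokens[0] == "secure-http-client":
            secure_enabled = True
            continue
        # Assumption: an optional "include" keyword may precede the service.
        if tokens[0] == "include":
            tokens = tokens[1:]
        # HTTPS rules are skipped: the guide notes they do not need the keyword.
        if tokens and tokens[0] in CLEARTEXT_SERVICES:
            iface = tokens[1] if len(tokens) > 1 else "?"
            rules.append((lineno, tokens[0], iface))
    # Rules are only a finding while the secure exchange is not enabled.
    return secure_enabled, ([] if secure_enabled else rules)


if __name__ == "__main__":
    for name, cfg in (("weak", SAMPLE_WEAK), ("fixed", SAMPLE_FIXED)):
        enabled, findings = audit_web_auth(cfg)
        print(name, "secure-http-client:", enabled)
        for lineno, service, iface in findings:
            print(f"  line {lineno}: {service} auth on {iface} prompts in clear text")
```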