Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 462
  • Last Modified:

PIX 501 Firewall & Passwords

Hello,

I'm using Cisco PIX 501 firewall. My ISP has provided me with a live IP. However his software requires me to login (with username & password) at particular url hosted on his server to authenticate my profile & start using Internet.

My question is: is there any way I can supply authentication info to my ISP software thru my firewall? What I want is to assign a dedicated live IP to firewall & ability to pass authentication info thru firewall.

Thanks,

Note: this might be an easy answer but I need it fast so I'm posting it with 100 points. Answers recieved by Dec 5, 2003 will receive 100 additional points.
0
myamit
Asked:
myamit
  • 2
  • 2
1 Solution
 
td_milesCommented:
PIX can't do that. I'd suggest you look into scripting it from a PC that is behind your PIX. If the authentication is just standard web authentication, you could use a wget command from a linux box to do this:

wget http://username:password@your.isp.com/auth.html

If you are using NAT, then the authentication will appear to come from the IP address of your PIX anyway (provided you are using NAT overload on the PIX outside IP).

How often do you have to authenticate ? Can you put a PC in and do it once and then swap the PIX in ?
0
 
MikeKaneCommented:
Thats a very odd way to connect I must say.   And it seems redundant.   You can't access the internet with an ip until you logon to a web page, but how can you access a web page without a valid IP?     Are you sure you are not using PPPOE or some other style of assignment?  
0
 
myamitAuthor Commented:
Thank you for comments.

Answer to MikeKane: Actually our ISP has issued connectivity without any real security measures. Only security measures he has taken is an authentication system at his server. So we can connect to his server in all cases but can get Internet connectivity only after we issue proper authentication there.

Answer to td_miles: Though, I could not get a chance to implement your suggested solution (as I need my ISP to change few things), I think your suggestion is quite appropriate & feasible. I'll test this by tomorrow & if works will select your comments as accepted answer.

Thanks,

0
 
MikeKaneCommented:
Sounds like your ISP has you going through a PROXY to get out to the internet.  

Question,   before you authenticate to this server, are you able to access any internet resource?  

Try pinging www.cisco.com before you authenticate.  

Then try pinging cisco's IP 198.133.219.25

This is really just out of curiosity.  
0
 
myamitAuthor Commented:
Answer to MikeKane:

No, before I authenticate I can't use any of Internet resources. Neither the IP nor the URL.

Actually, my ISP uses a software called 24online used for Internet sharing on a lan cable. You can find out more about the software at http://24online.elitecore.com/

Thanks,
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now