Solved

PIX 501 Firewall & Passwords

Posted on 2003-12-03
5
454 Views
Last Modified: 2013-11-16
Hello,

I'm using Cisco PIX 501 firewall. My ISP has provided me with a live IP. However his software requires me to login (with username & password) at particular url hosted on his server to authenticate my profile & start using Internet.

My question is: is there any way I can supply authentication info to my ISP software thru my firewall? What I want is to assign a dedicated live IP to firewall & ability to pass authentication info thru firewall.

Thanks,

Note: this might be an easy answer but I need it fast so I'm posting it with 100 points. Answers recieved by Dec 5, 2003 will receive 100 additional points.
0
Comment
Question by:myamit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 13

Accepted Solution

by:
td_miles earned 100 total points
ID: 9871814
PIX can't do that. I'd suggest you look into scripting it from a PC that is behind your PIX. If the authentication is just standard web authentication, you could use a wget command from a linux box to do this:

wget http://username:password@your.isp.com/auth.html

If you are using NAT, then the authentication will appear to come from the IP address of your PIX anyway (provided you are using NAT overload on the PIX outside IP).

How often do you have to authenticate ? Can you put a PC in and do it once and then swap the PIX in ?
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 9882911
Thats a very odd way to connect I must say.   And it seems redundant.   You can't access the internet with an ip until you logon to a web page, but how can you access a web page without a valid IP?     Are you sure you are not using PPPOE or some other style of assignment?  
0
 

Author Comment

by:myamit
ID: 9883695
Thank you for comments.

Answer to MikeKane: Actually our ISP has issued connectivity without any real security measures. Only security measures he has taken is an authentication system at his server. So we can connect to his server in all cases but can get Internet connectivity only after we issue proper authentication there.

Answer to td_miles: Though, I could not get a chance to implement your suggested solution (as I need my ISP to change few things), I think your suggestion is quite appropriate & feasible. I'll test this by tomorrow & if works will select your comments as accepted answer.

Thanks,

0
 
LVL 33

Expert Comment

by:MikeKane
ID: 9883718
Sounds like your ISP has you going through a PROXY to get out to the internet.  

Question,   before you authenticate to this server, are you able to access any internet resource?  

Try pinging www.cisco.com before you authenticate.  

Then try pinging cisco's IP 198.133.219.25

This is really just out of curiosity.  
0
 

Author Comment

by:myamit
ID: 9883779
Answer to MikeKane:

No, before I authenticate I can't use any of Internet resources. Neither the IP nor the URL.

Actually, my ISP uses a software called 24online used for Internet sharing on a lan cable. You can find out more about the software at http://24online.elitecore.com/

Thanks,
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
replacing 2811 to ISR 4331 2 80
Cisco Edge Routers for BGP 6 116
VPN Tunnel Stops Working Cisco RV130W 18 77
Unable to login to Cisco C800 Ver 15.3(3)M4 8 56
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question