Can Cisco ASA 5510 perform user authentication for internet access

Posted on 2008-06-23
Medium Priority
Last Modified: 2010-04-21
We are currently using Checkpoint at our head office and one of our remote sites. There is a site to site VPN and users at teh remote site use Checkpoint user accounts and Radius authentication for Internet access. Not all site personnel are allowed internet access.
We will be changing shortly to a full ASA, TACACS setup at head office with an MPLS connection to the remote site. Of course the timing of the MPLS installation is horrible. The Checkoint SPLAT box at the remote site is failing.
We would like to install an ASA5510 at the remote site. The VPN setup can be done, but I don't yet know how I can control Internet access at the site. Can this be done with an ASA or do I need some type of proxy server.
Question by:Potashcorp2
  • 2
  • 2

Accepted Solution

AugustTen earned 2000 total points
ID: 21847055
Hi, the ASA can be configured with "cut-through proxy" to challenge a user at the application layer and then authenticate against standard AAA servers or the local database.

This can be used together with filtering databases like Websense, integrated with LDAP, AD etc etc

Author Comment

ID: 21847135
This is probably what I want. Can you point me to any documentation on this?
We have not yet ordered the 5510 so I don't have manuals yet.

Expert Comment

ID: 21847188
Try this link:


This is very useful together with per-user downloadable ACL's for example.

Author Closing Comment

ID: 31469780
Thanks. That is exactly what I need.
Saved me doing hours of web searching.

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
If you are looking for an automated tool which can generate reports for Outlook emails and other items from PST file, then you can go for Kernel PST Reporter tool. The reports which are created by this tool are helpful to analyze and understand PST …

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question