RSA Web Agent for IIS behind PIX 501 with NAT

Discussion in 'Cisco' started by ng01@gvn.com, Jun 8, 2006.

  1. Guest

    I have Windows Server 2003 running IIS, and the RSA Web Agent
    installed, which talks successfully to an RSA Appliance. The IIS
    server and the RSA Appliance are both behind a PIX 501, and the PIX
    translates 3 public IP's to 3 private IP's, each of which is assigned
    to a different Web site in IIS. When I select one of the web sites and
    enable RSA Protection, from my internal network I can enter the URL or
    IP of the protected web site and have it properly redirected to the RSA
    Appliance, and when I authenticate, I get the web page, as expected.
    But when I enter the URL from an external source on the internet, I get
    the web page directly, without first being redirected to the RSA
    Appliance, as I should be. It appears as though the Web Agent isn't
    recognizing the correct IP when it is hit from the outside. Does
    anyone have any ideas or experience with this? Thanks very much.
    , Jun 8, 2006
    #1
    1. Advertising

  2. keshav

    Joined:
    Jun 6, 2006
    Messages:
    15
    You need to configure cut through proxy feature in pix and integrate it with to authenticate with your RSA appliance.

    Is the server located in inside ? How are you trying to access the server ? Through public ip (natted ip) or private ip ?

    When you try from inside , i believe it does not hit the pix.

    The issue should be most likely in pix. Check ACL , NAT and AAA rules.
    keshav, Jun 25, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jose
    Replies:
    3
    Views:
    1,912
  2. Bay
    Replies:
    5
    Views:
    6,764
    Brendon Rogers
    Oct 20, 2003
  3. andypatterson24

    Multiple web servers behind PIX 501...?

    andypatterson24, May 15, 2007, in forum: Cisco
    Replies:
    1
    Views:
    535
    Walter Roberson
    May 15, 2007
  4. Giuen
    Replies:
    0
    Views:
    697
    Giuen
    Sep 12, 2008
  5. Bay
    Replies:
    1
    Views:
    302
    Brendon Rogers
    Oct 19, 2003
Loading...

Share This Page