Hi,

This the 5th post in the series and this is on Juniper SRX Web-Auth.

Web-Authentication

To enable Web authentication, you must specify the IP address of the device hosting the HTTP session. These settings are used if the firewall user accessing a protected resource wants to be authenticated by directly accessing the webserver or Web authentication

Requirement – A Webserver is located at 192.168.1.11. Make sure anyone connecting to Web-server should first get authenticated by SRX firewall via HTTP and only upon successful authentication, they should access webserver

Topology

topology

Define various security policies in place, I had to do NAT as well to make this happen as my setup was not allowing to do without it.

1-security-policyandaccess 2-source-nat 3-interface-config

Also make sure you have system services turned on

4-system-services

Pre Web Auth at Windows workstation

5-pre-web-auth

Final Auth Results

6-successful-webauth

Regards

Rakesh

Advertisements