Cisco Cisco Web Security Appliance S190 Guía Del Usuario
5-21
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Chapter 5 Acquire End-User Credentials
Authentication Realms
Step 8
(Optional) Click Start Test. This will test the settings you have entered, ensuring they are correct before
real users use them to authenticate. For details on the testing performed, see
real users use them to authenticate. For details on the testing performed, see
•Create additional NTLM
realms to authenticate users in domains that are not trusted by existing NTLM realms., page 5-21
.
Note
Once you submit and commit your changes, you cannot later change a realm’s authentication protocol.
Step 9
Submit and commit your changes.
Next Steps
•
Create an Identification Profile that uses the Kerberos authentication scheme.
Related Topics
•
Using Multiple NTLM Realms and Domains
The following rules apply in regard to using multiple NTLM realms and domains:
•
You can create up to 10 NTLM authentication realms.
•
The client IP addresses in one NTLM realm must not overlap with the client IP addresses in another
NTLM realm.
NTLM realm.
•
Each NTLM realm can join one Active Directory domain only but can authenticate users from any
domains trusted by that domain. This trust applies to other domains in the same forest by default and
to domains outside the forest to which at least a one way trust exists.
domains trusted by that domain. This trust applies to other domains in the same forest by default and
to domains outside the forest to which at least a one way trust exists.
•
Create additional NTLM realms to authenticate users in domains that are not trusted by existing
NTLM realms.
NTLM realms.
About Deleting Authentication Realms
Deleting an authentication realm disables associated identities, which in turn removes those identities
from associated policies.
from associated policies.
Deleting an authentication realm removes it from sequences.
Configuring Global Authentication Settings
Configure Global Authentication Settings to apply settings to all authentication realms, independent of
their authentication protocols.
their authentication protocols.
The Web Proxy deployment mode affects which global authentication settings you can configure. More
settings are available when it is deployed in transparent mode than in explicit forward mode.
settings are available when it is deployed in transparent mode than in explicit forward mode.
Before You Begin
•
Be familiar with the following concepts:
–
–