Cisco Systems and the ASA Services Module User Manual

Cisco ASA Series Firewall CLI Configuration Guide
 
Chapter 7      Configuring AAA Rules for Network Access
  Configuring Authentication for Network Access
nat (inside,outside) static 10.132.16.200 service tcp 443 443
Authenticating Directly with the ASA 
If you do not want to allow HTTP, HTTPS, Telnet, or FTP through the ASA but want to authenticate 
other types of traffic, you can authenticate with the ASA directly using HTTP, HTTPS, or Telnet.
This section includes the following topics:
Authenticating HTTP(S) Connections with a Virtual Server
If you enabled the redirection method of HTTP and HTTPS authentication in the 
, then you have also automatically enabled direct 
authentication.
When you use HTTP authentication on the ASA (see the
), the ASA uses basic HTTP authentication by default. 
To continue to use basic HTTP authentication, and to enable direct authentication for HTTP and HTTPS, 
enter the following command:
If the destination HTTP server requires authentication in addition to the ASA, then to authenticate 
separately with the ASA (via a AAA server) and with the HTTP server, enter the following command:
Command:
aaa authentication listener http[s] interface_name [port portnum] redirect

Example:
ciscoasa(config)# aaa authentication listener http inside redirect

Purpose:
(Optional) Enables the redirection method of authentication for HTTP or HTTPS connections.

The interface_name argument is the interface on which you want to enable listening ports. The port portnum argument specifies the port number on which the ASA listens; the defaults are 80 (HTTP) and 443 (HTTPS).

You can use any port number and retain the same functionality, but be sure your direct authentication users know the port number; redirected traffic is sent to the correct port number automatically, but direct authenticators must specify the port number manually.

Enter this command separately for HTTP and for HTTPS.
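
Added example (not from the Cisco guide): a short Python check that parses aaa authentication listener commands in the syntax shown above, fills in the default ports, and notes non-default ports and interfaces that have a listener for only one protocol. It assumes commands as typed with numeric ports and treats the redirect keyword as optional; the function names and the sample input are constructed for illustration.

```python
import re

DEFAULT_PORTS = {"http": 80, "https": 443}  # defaults stated in the guide

# Optional CLI prompt, then the command; numeric ports only (assumption).
LISTENER_RE = re.compile(
    r"^(?:\S+\(config\)#\s+)?aaa authentication listener "
    r"(?P<proto>https?) (?P<iface>\S+)"
    r"(?: port (?P<port>\d+))?(?P<redirect> redirect)?$"
)

def parse_listeners(config_text):
    """Return one dict per listener command found in the text."""
    listeners = []
    for raw in config_text.splitlines():
        m = LISTENER_RE.match(" ".join(raw.split()))  # collapse whitespace
        if not m:
            continue
        proto = m.group("proto")
        listeners.append({
            "proto": proto,
            "interface": m.group("iface"),
            "port": int(m.group("port") or DEFAULT_PORTS[proto]),
            "redirect": m.group("redirect") is not None,
        })
    return listeners

def review(listeners):
    """Notes to check before rollout, derived from the guide's text."""
    notes, protos_by_iface = [], {}
    for l in listeners:
        protos_by_iface.setdefault(l["interface"], set()).add(l["proto"])
        if l["port"] != DEFAULT_PORTS[l["proto"]]:
            notes.append(f"{l['interface']}: {l['proto']} listener on port "
                         f"{l['port']}; direct authenticators must specify it")
    for iface in sorted(protos_by_iface):
        for missing in sorted({"http", "https"} - protos_by_iface[iface]):
            notes.append(f"{iface}: no {missing} listener; the command is "
                         f"entered separately for HTTP and HTTPS")
    return notes

# Constructed sample; the first line is the example shown in the guide.
SAMPLE_CONFIG = """\
ciscoasa(config)# aaa authentication listener http inside redirect
aaa authentication listener https inside port 8443 redirect
aaa authentication listener http dmz port 1080
"""

if __name__ == "__main__":
    for note in review(parse_listeners(SAMPLE_CONFIG)):
        print(note)
```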