When a workstation behind the ASA tries to initiate an AT&T client authentication session, the following happens on the ASA:
- 3-way handshake completes to the auth server.
- Push packet from the client hits the inside interface of the ASA but does not get passed through the firewall.
- Logs do not show any dropped packets or errors.
What I've done:
Since the traffic to the auth server is over port 80, I've tried turning on and off class maps for HTTP.
Even though the ACL allows the traffic and the handshake completes, I provided explicit access between the src and dst at the top of the ACL.
I've captured ingress and egress traffic between the hosts.
I have tried several different authentication servers.
Any insight would be greatly appreciated.
Thanks in advance.