Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 14 November 2024, 10:42:00 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14255 Posts in 4377 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  HTTP Proxy + Anonymous LDAP
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: HTTP Proxy + Anonymous LDAP  (Read 10939 times)
Alp
Jr. Member
*
Offline Offline

Posts: 2


« on: Tuesday 19 January 2010, 08:24:57 pm »

Hey All,

after extensive use of the search function and the Internet, I wasn't able to find any solution to my problem.
Therefore I took the decision to open  a thread in this forum, with the hope to find some help,.

Situation:

Via Virtual Box (3.0.8_OSE) I have installed a EFW Community Edition 2.3 and 2 Ubuntu 9.10 test systems.

This configuration has been carried out. This means: Both test systems are connected to the FW and using the HTTP proxy.
Under the option "Proxy" -> "Authentication" I set up the authentication method "LDAP" and entered with the ip + port-adress and set up the object + group cles of the LDAP. In our Company, we are using an anonymous LDAP-System, that's why we didnt igned a Bind DN User.

So far so good. After compiling the access policies, all groups and users of the domain appear.
For better illustration, i have linked  a pic of our accsess policies configuration: http://img197.imageshack.us/img197/1476/accsesspolicy.jpg  It's a "non transparent proxy".
Unfortunately, these policies seems to be ignored. The user e. although is able to sign in, despite the cessation: "accsess to http:// www. golem.de" is denied. The same also happens when I try to control these via groups.

To exclude a general problem with access policies, i have (for testing purposes) changed the authentication method from LDAP to LOCAL and invested  groups + user.
This has worked out perfectly. Only Group 3 had access to http:// www. golem.de. The other groups were denied access.
I have linked the proxy authentification too: http://img44.imageshack.us/img44/7162/proxyauthentication.jpg

I hope, someone can help me.  Should you need further data / information, let it me know  Smiley

Best regards
Alp
Logged
Alp
Jr. Member
*
Offline Offline

Posts: 2


« Reply #1 on: Thursday 21 January 2010, 08:49:04 pm »

hmm, anybody ? Sad
greez
alp
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com