Welcome, Guest. Please login or register.
Did you miss your activation email?
Friday 15 November 2024, 09:37:46 pm

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14255 Posts in 4377 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  Installation Support
| | |-+  EFW 2.3 and Novell eDirectory LDAP authentication blocks everything
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: EFW 2.3 and Novell eDirectory LDAP authentication blocks everything  (Read 10469 times)
ttucker
Jr. Member
*
Offline Offline

Posts: 2


« on: Wednesday 03 March 2010, 06:04:54 am »

I have setup an endian firewall 2.3 and I am trying to configure to use eDirectory LDAP authentication.


I configured the access policy as follows:

authentication to
Source type
Any

Destination type
Any

Authentication
group based

allowed groups
cn=internet,o=org

Access policy Allow access
Filter profile Default profile

and every website that I try to go to says the following:

ERROR
The requested URL could not be retrieved

--------------------------------------------------------------------------------

While trying to retrieve the URL: xxxxxxxx


The following error was encountered:
Access Denied.

Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.

The http proxy logs show the following:

0 192.168.0.61 TCP_DENIED/403 2724 GET xxxxxx admin NONE/- text/html


If I set authentication to disabled, the access policy works.

These settings worked with endian 2.2

What is different in 2.3 from 2.2 that I have not configured correctly?

On the authentication tab I have it set as follows:

Ldap authentication method
LDAP (v2, v3, Novell eDirectory, AD)

Ldap server
192.168.0.1

Port
389

Bind DN
o=org

Ldap type
Novell eDirectory Server

Bind DN username
cn=admin,o=org

user objectClass
person

group objectClass
group.

ldap browser does see the tree.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com