Title: Authentication & URL Port Forwarding & Stuff... Post by: a18041967 on Sunday 19 December 2010, 05:57:51 am Just installed EFW 2.4.1 and have a few questions & problems.... I'm running Windows 2008 & Exchange 2007 on a single server with AD, DNS & DHCP all running on the same server. EFW is running on a seperate server, I've succesfully added it to the domain and it can see all the AD groups & users. Proxy is set to not transparent & the time syncing back to the domain controller, email is succesfully being routed from the internet through EFW onto Exchange. So things are generally OK.
The problem I'm experiencing is with Proxy authentication, regardless of what I set the default access policy to users can succesfully access the interent without any proxy settings set in IE8. If I configure IE8 proxy settings access is not possible regardless of what the access policy is set to. I've checked the NTLM settings on the client which is running Windows 7, but also experiencing similar issues using ipad & iphone safari Is it possible to route incoming traffic based on both port no. and the URL, prime example is I have a number of devices the I want to access that using port 443 (HTTPS) each has a different URL eg h t t p s: / / device1.domain.com, h t t p s: / / device2.domain.com and based on the URL route them to different IP addresses on the GREEN network. Is this possible? Finally are there any VPN setup guides floating around for v2.4.1 Also watching the VMware tools v4 topic with interest Title: Re: Authentication & URL Port Forwarding & Stuff... Post by: a18041967 on Thursday 23 December 2010, 08:11:28 am Having looked into this further it appears that my clients are hitting the proxy server but for some reason are not being authenticated, in the proxy logs just the url & ip address are listed. EFW has successfully joined the domain and can resolve all names, AD users & groups are listed in the authentication tab. Time sync also correct
So based on this what further troubleshoots tips can people suggest? I have to say EFW is a great product but let down by poor support & documentation, very few of the forum posts have any replies. Title: Re: Authentication & URL Port Forwarding & Stuff... Post by: a18041967 on Thursday 23 December 2010, 09:26:10 am SOLUTION:
Found the following bug ID:3293 and there appears to be a know problem with AD authentication,the solution is as follows: Here is a workaround (run the commands as root): # chgrp squid /var/cache/samba/winbindd_privileged # chmod 750 /var/cache/samba/winbindd_privileged A I re added EFW to the domain and rebooted EFW and all is working, Proxy is recording the AD user accounts and content filtering is working as planned. |