EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Saturday 23 November 2024, 02:08:54 pm
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
CLICK HERE
for the The official Endian Roadmap and Issue tracker
14258
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
EFW SMTP, HTTP, SIP, FTP Proxy Support
AD non authenticated users are not blocked by the HTTP proxy
0 Members and 1 Guest are viewing this topic.
« previous
next »
Pages:
[
1
]
Author
Topic: AD non authenticated users are not blocked by the HTTP proxy (Read 25005 times)
conceptmedia
Full Member
Offline
Posts: 12
AD non authenticated users are not blocked by the HTTP proxy
«
on:
Friday 01 August 2014, 08:12:41 am »
Hello,
When the HTTP proxy is activated by joining a MS SRV AD, computers that have not joined the domain and do not have the browser proxy configured but have their network configuration according to the Green zone are able to go through the efw without any trouble without being blocked by the proxy.
Does anybody know of a way to create an access rule that prevents unauthenticated users to the domain AD to be blocked by the HTTP proxy?
Many thanks.
Logged
Di4bLo
Full Member
Offline
Posts: 39
Re: AD non authenticated users are not blocked by the HTTP proxy
«
Reply #1 on:
Sunday 24 August 2014, 07:59:33 am »
As far as I know, if you use NTLM, the user logged to the computer is automatically used for the browser authentication.
Logged
Eduardo
Full Member
Offline
Gender:
Posts: 13
Re: AD non authenticated users are not blocked by the HTTP proxy
«
Reply #2 on:
Sunday 24 August 2014, 05:22:08 pm »
Did you uncheck the HTTP and HTTPS traffic checkbox on the firewall?
Logged
conceptmedia
Full Member
Offline
Posts: 12
Re: AD non authenticated users are not blocked by the HTTP proxy
«
Reply #3 on:
Monday 25 August 2014, 07:43:18 am »
Hello, and thanks for your comments.
The HTTP and HTTPS proxies are enabled and do make their job if the computer/user has joined the AD domain and has the browser connection configured to use the firewall proxy.
But as I found out if this computer/user belongs to the green zone but has not joined the AD domain (so, it is on a workgroup) and the browser is not configured to use a proxy, the firewall let it go out trough the red zone without checking it.
There should be a way, in the firewall, to prevent users that are not joined to the domain to go through.
Thanks again.
JP
Logged
Di4bLo
Full Member
Offline
Posts: 39
Re: AD non authenticated users are not blocked by the HTTP proxy
«
Reply #4 on:
Tuesday 09 June 2015, 05:26:58 pm »
You could remove the gateway from the network settings, you could disable the HTTP and HTTPS rules on the firewall or if you know the IPs you can create a deny rule on the firewall for computers that are not joined to the domain.
I use the first option.
Logged
mmiat
Sr. Member
Offline
Gender:
Posts: 236
Re: AD non authenticated users are not blocked by the HTTP proxy
«
Reply #5 on:
Tuesday 09 June 2015, 08:12:55 pm »
why you don't use transparent proxy?
Logged
---------------------
IT Consultant
www.fsw.it
Hardware & Software
Pages:
[
1
]
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.109 seconds with 19 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com