Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 24 November 2024, 02:44:08 pm

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  Endian HTTP proxy to work with Win2k3 AD
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Endian HTTP proxy to work with Win2k3 AD  (Read 29912 times)
wildwestgoh
Jr. Member
*
Offline Offline

Posts: 4


« on: Friday 13 February 2009, 02:48:27 pm »

Is there any detailed article on step by step configuration for the HTTP proxy to work with Windows 2003 Active Directory?

Or is there anyone who had experienced on such configuration before?

Thank you in advance. Wink
Logged
npeterson
Full Member
***
Offline Offline

Posts: 90


« Reply #1 on: Saturday 14 February 2009, 04:30:22 am »

It was pretty strait forward to me. goto the proxy configuration page, set your interfaces to authentication required, set the allowed subnets. Save. Goto the Authentication page, Domain name is your AD domain name, put in your Active directory server names for your primary and secondary in the PDC and BDC host names, Note that its not the FQDN just the hostname like DC1 or DC2. Enter a user name and password that has directory administrator rights. As best i can tell this is just to create the computer object for the system to authenticate to ad. Click Join Domain. After it has joined return to the page and Enter your domain name for the authentication realm, save. Setup rules, under default policy. I setup 2, one for general users and 1 for admins that bypasses filters. Then finally goto the Group policies page, click add/remove group. Add the groups you want to proxy by, save. Then on the Group policies page again, select the rule set you want applied to the groups you just added, click save.
Logged
wildwestgoh
Jr. Member
*
Offline Offline

Posts: 4


« Reply #2 on: Tuesday 17 February 2009, 05:21:11 pm »

Hi, thanks for the reply. Few more questions if you don't mind.

What I have: Endian Firewall Community release 2.1.2
What others information do you need?

1. I just realise there's 2 types of Endian available, one is the appliance and community (free) edition, is there any different of configuration between those 2?
2. What's the authentication type for the one that you suggested? Is it LDAP? or Windows?
3. Does anything has to be done to the Windows 2003 Active Directory to enable that option?

Will update this page when I can think of other question.
It's quite frustrated when you don't have *free* PC to test out those features. Sad
Logged
npeterson
Full Member
***
Offline Offline

Posts: 90


« Reply #3 on: Wednesday 18 February 2009, 03:48:54 am »

1 > I dont know, personally i run the community edition. That would be a question for the sales people. I know the appliance will have support of endian though, and more features enabled. http://www.endian.com/en/community/comparison/
2 > Endian looks to configure samba to query AD, so it would use windows kerbos authentication. Although you can set it to use LDAP or radius authentication.
3 > Nothing. It will create a domain computer account to be able to authenticate users, and you will need groups setup to controll access.
Logged
wildwestgoh
Jr. Member
*
Offline Offline

Posts: 4


« Reply #4 on: Monday 23 February 2009, 04:44:45 pm »

After trying the first few steps, I was stuck at entering the PDC hostname.
It keep on giving me error "Cannot resolve PDC hostname!", I had tried several methods like dcname01, dcname01.domain.com (this one gave "Invalid hostname for Primary Domain Controller").
I can ping the hostname, it gives positive replies, while I'm not sure on how Endian query on the hostname itself.

And there's no Username and Password box for me to enter, also no "Join Domain" to click to? How to bring this up?
I was wondering if my version is correct or the Authentication method that I select is wrong? (I'm selecting Windows authentication method)
I'm using Endian Community 2.1.2

What's the "Authentication Realm Prompt"? Does it has to has something in order for others to work?

Regards "Authentication mode", what does this do? Is it related to AD or the clients?
It has the "Enable Windows integrated authentication" ticked.

Do you need the screenshot of my "Authentication method" page?
Logged
jesola
Jr. Member
*
Offline Offline

Gender: Male
Posts: 2


« Reply #5 on: Monday 18 April 2011, 12:24:49 pm »

The PDC hostname is the NETBIOS NAME.  (fq host name=server.domain.net --> netbios name= server)
Read the Manual. There is it.


The Proxy Realm, with AD must be the FQDN. (domain.net)

Save and apply the changes.
After, click in "join domain", put user and pass (if you use  domain\username it doesn´t work, just username)

Good luck.
Logged
anhnnh
Jr. Member
*
Offline Offline

Posts: 1


« Reply #6 on: Saturday 03 September 2011, 10:46:20 pm »

Thanks
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.109 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com