Author Topic: EFW 2.3 and Novell eDirectory LDAP authentication blocks everything  (Read 11953 times)
ttucker
« on: Wednesday 03 March 2010, 06:04:54 am »

I have set up an Endian Firewall 2.3 and I am trying to configure it to use eDirectory LDAP authentication.


I configured the access policy as follows:

authentication to
Source type: Any
Destination type: Any
Authentication: group based
allowed groups: cn=internet,o=org
Access policy: Allow access
Filter profile: Default profile

and every website that I try to go to says the following:

ERROR
The requested URL could not be retrieved

--------------------------------------------------------------------------------

While trying to retrieve the URL: xxxxxxxx


The following error was encountered:
Access Denied.

Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.

The http proxy logs show the following:

0 192.168.0.61 TCP_DENIED/403 2724 GET xxxxxx admin NONE/- text/html


If I set authentication to disabled, the access policy works.

These settings worked with Endian 2.2.

What is different in 2.3 from 2.2 that I have not configured correctly?

On the authentication tab I have it set as follows:

Ldap authentication method: LDAP (v2, v3, Novell eDirectory, AD)
Ldap server: 192.168.0.1
Port: 389
Bind DN: o=org
Ldap type: Novell eDirectory Server
Bind DN username: cn=admin,o=org
user objectClass: person
group objectClass: group.

The LDAP browser does see the tree.