Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 19 December 2024, 01:53:04 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  Installation Support
| | |-+  Authentication & URL Port Forwarding & Stuff...
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Authentication & URL Port Forwarding & Stuff...  (Read 16342 times)
a18041967
Jr. Member
*
Offline Offline

Posts: 7


« on: Sunday 19 December 2010, 05:57:51 am »

Just installed EFW 2.4.1 and have a few questions & problems.... I'm running Windows 2008 & Exchange 2007 on a single server with AD, DNS & DHCP all running on the same server. EFW is running on a seperate server, I've succesfully added it to the domain and it can see all the AD groups & users. Proxy is set to not transparent & the time syncing back to the domain controller, email is succesfully being routed from the internet through EFW onto Exchange. So things are generally OK.

The problem I'm experiencing is with Proxy authentication, regardless of what I set the default access policy to users can succesfully access the interent without any proxy settings set in IE8. If I configure IE8 proxy settings access is not possible regardless of what the access policy is set to. I've checked the NTLM settings on the client which is running Windows 7, but also experiencing similar issues using ipad & iphone safari

Is it possible to route incoming traffic based on both port no. and the URL, prime example is I have a number of devices the I want to access that using port 443 (HTTPS) each has a different URL eg h t t p s: / / device1.domain.com, h t t p s: / / device2.domain.com and based on the URL route them to different IP addresses on the GREEN network. Is this possible?

Finally are there any VPN setup guides floating around for v2.4.1

Also watching the VMware tools v4 topic with interest
Logged
a18041967
Jr. Member
*
Offline Offline

Posts: 7


« Reply #1 on: Thursday 23 December 2010, 08:11:28 am »

Having looked into this further it appears that my clients are hitting the proxy server but for some reason are not being authenticated, in the proxy logs just the url & ip address are listed. EFW has successfully joined the domain and can resolve all names, AD users & groups are listed in the authentication tab. Time sync also correct

So based on this what further troubleshoots tips can people suggest?

I have to say EFW is a great product but let down by poor support & documentation, very few of the forum posts have any replies.
Logged
a18041967
Jr. Member
*
Offline Offline

Posts: 7


« Reply #2 on: Thursday 23 December 2010, 09:26:10 am »

SOLUTION:

Found the following bug ID:3293 and there appears to be a know problem with AD authentication,the solution is as follows:

Here is a workaround (run the commands as root):

# chgrp squid /var/cache/samba/winbindd_privileged
# chmod 750 /var/cache/samba/winbindd_privileged

A I re added EFW to the domain and rebooted EFW and all is working, Proxy is recording the AD user accounts and content filtering is working as planned.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com