EFW Support

Support => EFW SMTP, HTTP, SIP, FTP Proxy Support => Topic started by: Alp on Tuesday 19 January 2010, 08:24:57 pm

Title: HTTP Proxy + Anonymous LDAP
Post by: Alp on Tuesday 19 January 2010, 08:24:57 pm
Hey All,

after extensive use of the search function and the Internet, I wasn't able to find any solution to my problem.
Therefore I took the decision to open  a thread in this forum, with the hope to find some help,.


Via Virtual Box (3.0.8_OSE) I have installed a EFW Community Edition 2.3 and 2 Ubuntu 9.10 test systems.

This configuration has been carried out. This means: Both test systems are connected to the FW and using the HTTP proxy.
Under the option "Proxy" -> "Authentication" I set up the authentication method "LDAP" and entered with the ip + port-adress and set up the object + group cles of the LDAP. In our Company, we are using an anonymous LDAP-System, that's why we didnt igned a Bind DN User.

So far so good. After compiling the access policies, all groups and users of the domain appear.
For better illustration, i have linked  a pic of our accsess policies configuration: http://img197.imageshack.us/img197/1476/accsesspolicy.jpg (http://img197.imageshack.us/img197/1476/accsesspolicy.jpg)  It's a "non transparent proxy".
Unfortunately, these policies seems to be ignored. The user e. although is able to sign in, despite the cessation: "accsess to http:// www. golem.de" is denied. The same also happens when I try to control these via groups.

To exclude a general problem with access policies, i have (for testing purposes) changed the authentication method from LDAP to LOCAL and invested  groups + user.
This has worked out perfectly. Only Group 3 had access to http:// www. golem.de. The other groups were denied access.
I have linked the proxy authentification too: http://img44.imageshack.us/img44/7162/proxyauthentication.jpg (http://img44.imageshack.us/img44/7162/proxyauthentication.jpg)

I hope, someone can help me.  Should you need further data / information, let it me know  :)

Best regards

Title: Re: HTTP Proxy + Anonymous LDAP
Post by: Alp on Thursday 21 January 2010, 08:49:04 pm
hmm, anybody ? :(