Permit only domain computers to access internet
-
Hi,
I'm testing some firewall solutions for our small-sized company. I have not installed pfSense yet, but I need to know if it can block computers that are not members of my Active Directory domain to access the Internet.
Thanks
Marcio -
I am guessing this isn't going to happen. It would require, at a minimum, OpenLDAP and a ton of configuration.
Better question: Why do you need to lock non-domain computers from internet access? How are they getting on your network in the first place?
-
Why not use Squid and have it setup to authenticate against your domain and use a GPO to predefine the Proxy settings? Would that work?
-
if your switches support, you can use 802.1x authentication through MS IAS on the domain controller to block network access (not just the Internet, but the LAN access as well).