Rules with AD users
-
Hi All,
i'm a newbie on pfsense and i'm trying to figure out how to create firewall rules to filter traffic based on AD users.
I have 3 different AD domains and i want to have only one proxy server to filter Internet traffic on them.Any suggestions is appreciated.
Thanks
David
-
You can't filter firewall traffic using AD policies, but you can selectively filter web traffic (http/https) via Squid proxy using AD group membership, if that's what you're after.
-
thanks for your quick reply muswellhillbilly. Yes that's exactly what i want.
Filter traffic in our environment based on AD users/groupsThank you again
-
There are any number of howto's on this topic, but here's one to be getting on with:
https://www.howtoforge.com/debian-squeeze-squid-kerberos-ldap-authentication-active-directory-integration-and-cyfin-reporter
From what I understand, it's possible to set AD authentication using Squid/Squidguard on the PFS directly, though I haven't done this myself. If you have a look at the packages involved they ought to be self-explanatory, though there are similar posts to these elsewhere on the forum.