Logging username after pfsense in Sonicwall



  • pfsense latest version
    Captive Portal with Radius authentication via AD
    squid

    I have my users login with their AD credentials but when browsing the Internet my Dell Sonicwall is not logging the individual usernames but rather just the pfsense box itself. It is being treated as 1 single user rather than the 1500 individual users.  Therefore I am not logging their Internet access.

    Does anyone know how I can achieve this?



  • you are more then likely double-nat  (once on pfSense & once on the sonic wall)

    how is the sonicwall supposed to log the users ? are you running a proxy on the sonicwall ??



  • Yes

    the pfsense is using NAT. I am not using a proxy on the Sonicwall.  For LAN users, there is a single sign on agent that runs that authenticates and logs activity.  It is Dell Analyzer that has the logs. It will log site visited by IP address, username etc.



  • ok

    I have my CP setup to authenticate via Windows Raduis. Can I just turn on Authentication method for Squid to Captive Portal and have that log website access by username on the pfsense box.

    My main question now is

    Is it possible to log internet activity by AD username on pfsense/squid.

    cheers





  • Certainly is.

    I setup Squid on Ubuntu a few years back and had it all integrated with AD. However, most of my BYOD users will be using phones/tablets/non domain devices.

    I was hoping that just by selecting CP on the Squid authentication it would just work.




  • Non-domain devices won't have the credentials to pass on anything to AD if that's how you're setting the authentication at the CP. You may be able to set the passwords in AD to never expire (not recommended) and cache the credentials in the browser on your phone/tablet, but this isn't a great workaround.



  • Thanks

    I will start a new thread as this is going off topic.