Resolve users from AD server into pfSense



  • Basically I have 3 areas of network (subnets): WAN, LAN and GUEST.
    LAN is where the company's devices lie, and GUEST is the Wi-Fi network of the company.
    What I did recently was disable the DHCP server on my Wi-Fi router and assign the DHCP pool to the pfSense DHCP server (service). In System -> User Manager, I created users that have access to the captive portal of the GUEST network, and they got reserved IP addresses each. Also, the customers who come to the company can get a voucher code so they can also connect to the network. So, as a conclusion, I can now see the employees of the company using the network (whether from ntopng, from the Squid reports, or resolved in the ARP table). During the monitoring procedure, I can see the names of the users directly against the names of the web pages they access; there is no need to go searching by IP.
    Now I am trying to do the same for the LAN users, which are, in other words, the computers of the employees inside the company. But instead of entering the data manually as I did for the GUEST network, which would take me a long time, I thought there must be a way to do it from the LDAP configuration.
    Using System -> User Manager -> Authentication Servers, I could successfully connect to my Active Directory, and from the Squid proxy server, after disabling the transparent proxy to activate the authentication method, which was also LDAP. But here I had something different from the many tutorials I followed. Making the test on myself first (as usual), I manually assigned a proxy server to my computer and tried to connect to the internet from my browser, but the browser did not prompt me for a username and password, so I was surprised. I could also see activity in the real-time monitor of the proxy server (so apparently it is working without authentication), but I am still not sure whether it is working properly or whether it has something to do with the LDAP configuration, because the point of connecting to the Active Directory was not only to authenticate the PC in order to use the network (because this could be done from the transparent proxy), but also to see the activity log not by IP but by username from the Active Directory, or in other words to have them registered in my ARP table.
    You can find the configuration snapshots in the attachments. (The IP addresses and DC names were blanked out for privacy reasons.)

    I am lost in understanding how the IPs should be resolved/translated in my pfSense, so I need to understand the algorithm of how things are coordinated and how they work.
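One way to settle the "is Squid actually authenticating?" question is to read the proxy's own access log rather than ntopng or the ARP table: Squid's native access.log format carries the authenticated username in the eighth whitespace-separated column (a `-` when there is none), and an enforced authentication setup shows a `TCP_DENIED/407` challenge followed by a request that carries a username, whereas a bypassed one shows served requests (2xx/3xx) with `-` in that column. The script below is an added example, not code from the poster or from the pfSense/Squid projects; the log lines it parses are constructed samples with documentation-range IPs, not the poster's data.

```python
"""Audit a Squid native-format access.log for requests served without a username.

Constructed example: the log lines are invented to show both the expected
pattern (407 challenge, then an authenticated request) and the symptom the
poster describes (requests served with no username at all).
"""
from collections import defaultdict

# Constructed sample lines in Squid's native format:
# ts elapsed client action/code size method url user hierarchy/peer content-type
SAMPLE_LOG = """\
1700000000.123    245 192.0.2.10 TCP_MISS/200 4123 GET http://example.com/ - HIER_DIRECT/203.0.113.5 text/html
1700000001.456     12 192.0.2.10 TCP_DENIED/407 3571 GET http://example.org/ - HIER_NONE/- text/html
1700000002.789    310 192.0.2.10 TCP_MISS/200 8820 GET http://example.org/ jdoe HIER_DIRECT/203.0.113.6 text/html
1700000003.012    150 192.0.2.11 TCP_MISS/200 2048 GET http://example.net/ - HIER_DIRECT/203.0.113.7 text/html
"""


def parse_line(line):
    """Return the fields we need from one native-format line, or None if malformed."""
    parts = line.split()
    if len(parts) < 9:
        return None
    action, _, code = parts[3].partition("/")
    return {
        "client": parts[2],
        "action": action,
        "code": int(code) if code.isdigit() else 0,
        "url": parts[6],
        "user": None if parts[7] == "-" else parts[7],
    }


def audit(log_text):
    """Per client IP: usernames seen, 407 challenges issued, and requests served anonymously."""
    report = defaultdict(lambda: {"users": set(), "challenged": 0, "served_anonymous": 0})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        entry = report[rec["client"]]
        if rec["code"] == 407:
            entry["challenged"] += 1          # proxy asked for credentials: auth is at least configured
        elif rec["user"]:
            entry["users"].add(rec["user"])   # authenticated request: this is what maps IP to AD user
        elif 200 <= rec["code"] < 400 and rec["action"] != "TCP_DENIED":
            entry["served_anonymous"] += 1    # served with no username: auth was not enforced here
    return dict(report)


def unauthenticated_clients(report):
    """Clients that got content without ever presenting a username on that request."""
    return sorted(ip for ip, e in report.items() if e["served_anonymous"] > 0)


if __name__ == "__main__":
    result = audit(SAMPLE_LOG)
    for ip, entry in sorted(result.items()):
        print(ip, "users=%s challenged=%d served_anonymous=%d"
              % (sorted(entry["users"]), entry["challenged"], entry["served_anonymous"]))
    print("clients served without authentication:", unauthenticated_clients(result))
```

Run it against a copy of the real access.log instead of `SAMPLE_LOG` (on pfSense the Squid package writes it under /var/squid/logs by default; that path is an assumption to verify on your install). If every client lands in `unauthenticated_clients`, the browser's silence is explained: Squid is allowing requests before the authentication ACL is consulted, and no per-user attribution is possible until a 407 challenge appears in the log.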