Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Replacing ISA Server

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    6 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      verdura
      last edited by

      Hi all,

      We are a vocational training center who uses ISA to have internet on all our students. But now we need to get a substitute and pfsense is in our radar but I have some doubts as we can use many differents aspects from pfsense.

      Our requirements:

      *- Control internet as per user (student)
      *- Using passwords from Active Directory
      *- Make authentication without any adicional pop-up to enter password (preferably!)

      Brief "technologies" in place:

      *- AD
      *- Microsoft Network Policy Server
      *- Certification Authority

      So, what's your advice? Do you know any tutorial to help?

      Thanks in advance!

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        This isn't a support forum.  Try General Questions in the pfSense English Support section.

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          "*- Control internet as per user (student)"

          Why?  The only reason to do this is because student A has different access than B..  Or you need to track how what A is doing vs B..

          Why would students need different access.  In a corp you can say that Engineer has more access than plant floor working, or hourly worker vs salary… Having a hard time understand this "need"

          Vs looking at what your doing now with your what 17-18 year old ISA??  Are you running 2000, 2003,2004, 2006 or TMG?

          What exactly are you trying accomplish.. Why do you have to play internet NAZI?  You do understand users are more than likely just going to surf whatever they want on their phones, etc.

          I can see blocking bad shit, trying to be the good guy and protecting users from them selves, p0rn from an HR view, etc.  Limiting bandwidth, so one user doesn't suck up everything streaming a movie..

          But why do you need to auth a specific user and track specific user.  Why do these students even need internet while they are suppose to be working on whatever vocation your teaching?

          I have worked in content filtering for years and years - way before everyone had a cell phone they could just do whatever they wanted to while at their desk, etc.  The best way to do it was 1 policy..  Everyone blocked!! Or everyone allowed.  Non work related stuff like streaming sports - each ip gets a quota of time, etc.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • V
            verdura
            last edited by

            Hi  johnpoz,

            Thanks for the input.
            We are running TMG.
            Me needs are my needs… I'm just asking if I can accomplish that with pfsense.

            1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by

              Yes you can filter with squid on user, and report on user.. Yes squid can auth this user from AD.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              1 Reply Last reply Reply Quote 0
              • KOMK
                KOM
                last edited by

                He already reposted his question in General Questions yesterday.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.