pfSense Plus can't work Google LDAP with Squid Proxy Server
-
Hello,
With Stunnel, I configured the authentication in pfSense and Captive Portal and this works fine, but does not work with my Proxy Squid.
Squid doesn't have a integration with Stunnel?
My Squid Authentication General Settings:
Authentication Method: LDAP
Authentication Server: 127.0.0.1
Authentication server port: 1636Squid Authentication LDAP Settings
LDAP version: 3
Transport: TCP - Standard
LDAP Server User DN: UserBindGoogleCredentials
LDAP Password: PasswordBindGoogleCredentials
LDAP Base Domain: Base DN: dc=MyDomain,dc=com,dc=br
LDAP Username: uid
LDAP Search Filter: uid=%sCan someone help me?
Regards,
-
What errors do you see logged?
Do you see traffic leaving encrypted toward Google?
-
Deny errors are showed on the real time logs.
I believe that be because I don't indicate the certificate on the squid.
-
If you're using Stunnel the client certificate would be set there. I assume that works for other LDAP auth?
-
Yes...
On Squid, authentication LDAP works fine with Microsoft AD.
And with Stunnel, pfSense authentication and Captive Portal works with Google Workspace LDAP, but squid but doesn't works.
The my Squid parameters are corrects?
-
up!!
-
Up because you're still looking for suggestions?
It's not something I've ever configured (or seen configured) if it works against a local unencrypted ldap server I would expect it to work against GA via Stunnel.
Steve
-
Hi,
Yes, I look for sugestions because don't authentic the Proxy Squid. I try with and without Stunnel.
-
But it does work against a local LDAP server?
-
This works in a MS Active Directory, via LDAP. My goal is connect to our Google Workspace LDAP.
The pfSense Authentication and Captive Portal works, but Squid, not.
I have a change "Squid Authentication Method" to Local and doesn't autenticate.