Pfsense+Squid+Squidguard+Active Directory
-
Hi there:
I have a virtual machine with pfsense version 2.7.0 and a single network interface, my project is to put squid authentication with active directory with squidguard taking advantage of the active directory groups to filter the traffic of each department of my company. But I can't get it to work properly. After installing squid and squidguard they don't work.
First I enable only squid to pre-configure everything and right from the start, without setting any authentication method and without creating any local users, users can browse without any problem. Then, when I set up a local user and choose the local authentication method, it starts asking for username and password, but as I do not want that, I set the LDAP authentication method. Then I use this line:
(&(objectClass=person)(sAMAccountName=%s))
I manage to authenticate the users, but this is not enough because I want to create groups, so I go to squidguard and import the blacklists to create ACL, both common and groups, but no matter which group I put the user in to authenticate, the user continues to browse without restrictions.
I know that this explanation, despite its length, does not shed any light on the causes of my problem, but could someone help me?
Thanks in advance. -
@quemadera check this plugin: pf2ad
-
@periko PF2AD's project is great, but unfortunately I don't have the money to implement it. Im from Cuba.
Sheers -
@quemadera said in Pfsense+Squid+Squidguard+Active Directory:
PF2AD's project is great, but unfortunately I don't have the money to implement it.
You can try this method. It will use Kerberos by importing keytabs to Squid.
https://journeyofthegeek.com/2017/12/30/pfsense-squid-kerberos/ -
@mcury I'll give it a try and let you know, thanks
