• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Access allowed after login to domain controller..

Scheduled Pinned Locked Moved Captive Portal
8 Posts 5 Posters 5.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • H
    Hank
    last edited by Sep 19, 2006, 6:54 AM

    Hi,

    pfsense's captive portal feature works great.  In our case the win2003 box used as radius server hooked up to pfsense is also a domain controller.

    I wonder if there is a way to force users to log in to the domain controller in order to be grated internet access through pfsense.

    Can pfsense's captive portal be configured to check for authenticated domain users instead of getting login credentials from the radius server..?

    regards

    hank

    1 Reply Last reply Reply Quote 0
    • H
      hoba
      last edited by Sep 19, 2006, 10:55 AM

      Not unless somebody adds ldap support I think. Have a look at the squid proxy. It has ldap support but I'm unsure atm if this feature is working correctly or at all yet.

      1 Reply Last reply Reply Quote 0
      • R
        rjkruit
        last edited by Oct 19, 2006, 7:22 AM

        I've been trying to make pfsense work with our domain controller for several days now without success. Can you tell me what policy you made in IAS for pfsense?
        To allow internet access to users that have allready authenticated to the domain controller wil indeed require LDAP support.

        1 Reply Last reply Reply Quote 0
        • T
          trendchiller
          last edited by Oct 20, 2006, 11:24 AM

          have a look here:

          http://pfsense.org/mirror.php?section=tutorials/cp_config/radius_win2k3.htm

          1 Reply Last reply Reply Quote 0
          • R
            rjkruit
            last edited by Oct 20, 2006, 5:18 PM

            Thanks m8! It works like a charm!  8)

            1 Reply Last reply Reply Quote 0
            • M
              mibo
              last edited by Oct 26, 2006, 9:03 AM

              @ Hank

              if you can change CP to use a login box like htaccess and use Internet Explorer it can be work.

              IE with the default settings try to logon on local networks with the credentials of the active Domain User.
              I don't know if the CP Page is recognized as a local Site?

              I use this "feature" with a proxy server and Win2003 DC.

              give it a try..?

              1 Reply Last reply Reply Quote 0
              • R
                rjkruit
                last edited by Oct 26, 2006, 10:41 AM

                Interesting idea. It should be working when you will be able to let the login script supply a domain name equal to your active directory domain. I think you should supply it as a realm name. I'm not sure though.

                1 Reply Last reply Reply Quote 0
                • H
                  Hank
                  last edited by Dec 10, 2006, 2:24 PM

                  @mibo:

                  @ Hank

                  if you can change CP to use a login box like htaccess and use Internet Explorer it can be work.

                  IE with the default settings try to logon on local networks with the credentials of the active Domain User.
                  I don't know if the CP Page is recognized as a local Site?

                  Hi mibo

                  Sorry for the long absense.

                  Can you elaborate 'login box like htaccess' a bit?  I'm a newbie so I don't have much knowledge with these issues.  But I'd like to try this as a possible solution.  You mention specifically IE, does it ork with other browsers too, like Firefox and Opera..?

                  Looking forward to try this out

                  regards

                  Hanks

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                    [[user:consent.lead]]
                    [[user:consent.not_received]]