Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dansguardian NTLM proxy auth

    Scheduled Pinned Locked Moved pfSense Packages
    11 Posts 3 Posters 3.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      instabin
      last edited by

      I cannot get the ntlm authentication to work
      I have 2 groups default and pf_staff.

      LDAP is setup and is pulling the users that are members for the pf_group

      I changed the policy on the winodws 8 machine to LM & NTLM -use ntlmv2 security if negotiated.
      .

      Any ideas on why The proxy is not detecting the user?

      1 Reply Last reply Reply Quote 0
      • marcellocM
        marcelloc
        last edited by

        @instabin:

        Any ideas on why The proxy is not detecting the user?

        Dansguardian will forward ntlm requests do squid. Did you configured squid to accept ntlm auth?

        Treinamentos de Elite: http://sys-squad.com

        Help a community developer! ;D

        1 Reply Last reply Reply Quote 0
        • I
          instabin
          last edited by

          No I did not…
          I will try this right now.
          Thank you for the information.

          1 Reply Last reply Reply Quote 0
          • I
            instabin
            last edited by

            Enabled auth on squid but still not working.

            I have attached images of my config.

            The users in dans were automatically added

            dansldap.JPG
            dansldap.JPG_thumb
            dansusers.JPG
            dansusers.JPG_thumb
            squid.JPG
            squid.JPG_thumb

            1 Reply Last reply Reply Quote 0
            • marcellocM
              marcelloc
              last edited by

              @instabin:

              Enabled auth on squid but still not working.

              You need samba on pfsense to join the AD.

              Treinamentos de Elite: http://sys-squad.com

              Help a community developer! ;D

              1 Reply Last reply Reply Quote 0
              • I
                instabin
                last edited by

                Its pulling the user accounts. Why do I need samba?

                Is there a tutorial I dont see a package

                1 Reply Last reply Reply Quote 0
                • marcellocM
                  marcelloc
                  last edited by

                  @instabin:

                  Its pulling the user accounts. Why do I need samba?

                  Is there a tutorial I dont see a package

                  To use ntlm, you need samba but with LDAP with auth popup don't.

                  There is a tutorial on Portuguese forum, I'll look for it and paste the link here for a Google translate.  ;)

                  Treinamentos de Elite: http://sys-squad.com

                  Help a community developer! ;D

                  1 Reply Last reply Reply Quote 0
                  • G
                    Gloom
                    last edited by

                    @instabin:

                    Its pulling the user accounts. Why do I need samba?

                    Is there a tutorial I dont see a package

                    It's not Samba as such it's the winbindd bit that is required to get ntlm_auth to work but you don't get it without Samba

                    Never underestimate the power of human stupidity

                    1 Reply Last reply Reply Quote 0
                    • I
                      instabin
                      last edited by

                      I see I found a package for samba.
                      Do you think it would work?

                      http://code.google.com/p/pfsense-cacheboy/

                      1 Reply Last reply Reply Quote 0
                      • G
                        Gloom
                        last edited by

                        I doubt it as the web page clearly states  "Compiled and Installed on FreeBSD 7.2"  and I'm assuming that you are on PFSense 2.0.1 which is based on FreeBSD 8.1

                        I'm not a great fan of putting packages on a firewall, I'd rather just build another server as a proxy but if you're willing to take the risk then do a pkg_add -r samba.

                        See

                        http://numberformatdata.wordpress.com/2010/12/11/samba-installation-on-freebsd/

                        It covers installing from package on 8.1.

                        I also wouldn't do this on a live firewall without running through it on a test setup and backing everything up first.

                        All that said there is probable someone on here who has done this and can offer better advice than me on the setup.

                        Never underestimate the power of human stupidity

                        1 Reply Last reply Reply Quote 0
                        • marcellocM
                          marcelloc
                          last edited by

                          @marcelloc:

                          There is a tutorial on Portuguese forum, I'll look for it and paste the link here for a Google translate.  ;)

                          http://forum.pfsense.org/index.php/topic,47532.msg249812.html#msg249812
                          http://forum.pfsense.org/index.php/topic,47532.msg250366.html#msg250366

                          Treinamentos de Elite: http://sys-squad.com

                          Help a community developer! ;D

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.