• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Rules with AD users

Scheduled Pinned Locked Moved Firewalling
4 Posts 2 Posters 2.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S
    sp_david
    last edited by Mar 21, 2016, 2:41 PM

    Hi All,
    i'm a newbie on pfsense and i'm trying to figure out how to create firewall rules to filter traffic based on AD users.
    I have 3 different AD domains and i want to have only one proxy server to filter Internet traffic on them.

    Any suggestions is appreciated.

    Thanks

    David

    1 Reply Last reply Reply Quote 0
    • M
      muswellhillbilly
      last edited by Mar 21, 2016, 2:54 PM

      You can't filter firewall traffic using AD policies, but you can selectively filter web traffic (http/https) via Squid proxy using AD group membership, if that's what you're after.

      1 Reply Last reply Reply Quote 0
      • S
        sp_david
        last edited by Mar 21, 2016, 3:10 PM

        thanks for your quick reply muswellhillbilly. Yes that's exactly what i want.
        Filter traffic in our environment based on AD users/groups

        Thank you again

        1 Reply Last reply Reply Quote 0
        • M
          muswellhillbilly
          last edited by Mar 22, 2016, 9:08 AM

          There are any number of howto's on this topic, but here's one to be getting on with:

          https://www.howtoforge.com/debian-squeeze-squid-kerberos-ldap-authentication-active-directory-integration-and-cyfin-reporter

          From what I understand, it's possible to set AD authentication using Squid/Squidguard on the PFS directly, though I haven't done this myself. If you have a look at the packages involved they ought to be self-explanatory, though there are similar posts to these elsewhere on the forum.

          1 Reply Last reply Reply Quote 0
          4 out of 4
          • First post
            4/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received