Squid/SquidGuard acl



  • Hello,

    First of all thanks for the forum, new here.
    We have PFsense 2.3, Squid, Squidguard, Captive Portal and Radius installed. Captive Portal works fine with Radius. Squid authentication seems not to be working.

    Squid has authentication Radius.

    What I do not understand, (probably stupid :)), how does squid get its authentication? User logons on in Captive Portal using Radius, redirect screen opens. How does Squid "know" which user is logged on, and the appropriate acl?

    Thanks,
    Jeff



  • Well it seems my question was too simply or too hard?

    What happens is that the squid proxy is not using the radius to get authentication, do not know why should be relatively easy.
    Watched both the Captive Portal as well as Squid/SquidGuard Hangouts.

    Captive Portal seems to work with most browsers, Squid not. (same IP Address).

    Any ideas where to look?

    Thanks,
    Jeff



  • Strange not one reply, do you need to give out a free beer before somebody acknowledges you exist?



  • Hello,

    Well been awhile still do not have captive portal working with squid. There is under authentication "captive portal" but doesn't seem to work.
    Any suggestions anyone, does it even work?

    Thanks,
    Jeff



  • I wonder if you don't mix-up "captive portal authentication sent to proxy" and "squid support for radius based authentication". Its no clear to me what you really want to achieve.

    Why don't you, for testing purpose and if possible, stop using captive portal and focus on "Squid + radius" authentication?
    For this, Squid wiki will still help.
    Once this works, you can go back to the initial config stacking Captive portal and Squid.

    This aside, I've to admit that I don't really understand what's the added value of having stack of authenticated captive portal plus authenticated HTTP proxy.
    What would the first one bring to the other? Is there something I miss here ?


Log in to reply