Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

need a proxy which is not a proxy

  • 20-06-2003 8:42am
    #1
    Closed Accounts Posts: 19


    Hi
    I have a small wired/wireless network (up to 20 users) with a basic NAT router/firewall connected to a broadband service.

    I need a method to authenticate users for web access, so that only those who have a current valid username and password should be able to get Internet access.

    I want to steer clear of configuring proxy server settings on clients as I have wifi users coming in and out every day with different laptops, looking for broadband access over this LAN, and changing proxy setup on these clients will be awkward.

    So I can run DHCP to give out a gateway IP address, but when users hit the gateway I want them to log in.

    2 possibilities I can see:
    - use a PC as a gateway, running authentication server software which is not a proxy server (hopefully there is a free/shareware product that someone knows of).
    - use a router as a gateway, which has a feature to validate users against a database or a radius server (probably a much more expensive solution).

    Any ideas? Thanks.


Comments

  • Registered Users, Registered Users 2 Posts: 3,308 ✭✭✭quozl


    have a look at noCatAuth (http://www.nocat.org)
    Runs on a linux or bsd box and blocks all outgoing network access. All attempts to connect to web ports (http/https) are instead redirected to the local machine, where the user must enter a username/password. Once they've done that, noCatAuth changes the firewall rules to allow traffic from that ip for a configurable period of time at a configurable speed.

    might do what you need? Some DubWAN nodes are using it to create captive portals. It also supports radius authentication which might be handy for you.

    Greg


  • Closed Accounts Posts: 423 ✭✭Dizz


    Ya could use squid ACL's in transparent mode and hook it up to dansguardian (content filtering etc)

    Dizz


Advertisement