• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

user authentication for firewall clients

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> General >> user authentication for firewall clients Page: [1]
Login
Message << Older Topic   Newer Topic >>
user authentication for firewall clients - 6.Jun.2008 12:57:32 AM   
gping

 

Posts: 11
Joined: 22.Jan.2007
Status: offline
We want to authenticate all LAN users for all of their access to outside WEB. (We used to setup the ISA to simply allow All users).
All Lan PCs are installed with Firewall client.
On the ISA server (2004 or 2006), I created 2 rules:
first allow All Users to go anywhere for any protocol except HTTP.
Second all certain users to go anywhere with HTTP.
We donít have Active directory, and for simplicity and test purpose, I created users1 and user2 on ISA (Win2003) server and setup the second rule to allow these 2 users to go WEB.
Also on ISA server > configuration > network > Internal > Web proxy > authentication > tick "integrated"
However I got problem here:
On all Lan PCs, the "Firewall client management" icon at the right bottom of the screen showed "Cannot authenticate with isa server", thus no ftp / telnet / IE could go out.
However if I setup "Internet options" with proxy server = isaserver, then my IE would be prompted username / pswd and then go out to WWW. But no for telnet / ftp etc.
Could someone please shed some lights on this issue? We want standard FirewallClient installed on all LAN PCs, (not Web proxy, as it might affect IE to access internal Web). And ISA should authenticated users before granting access to outside.
 
Thanks a lot.
Post #: 1
RE: user authentication for firewall clients - 6.Jun.2008 4:46:06 AM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

You are right in every word.

And to be able to use the Firewall client in a non domain machine/account, then mirror the account you created on ISA Server on the client machine also.

For example you created user1 and user2 on ISA Server right ?

then go on one of the clients and create user1 account with the same password that the user1 on ISA Server has it. Then the firewall client will be able to authenticate

HTH,
Tarek

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to gping)
Post #: 2
RE: user authentication for firewall clients - 11.Jun.2008 3:03:28 AM   
gping

 

Posts: 11
Joined: 22.Jan.2007
Status: offline
how about using radius server? I setup a radius server, it seemed like still wont work as I want. - it wont pop up the user/pswd for those ftp /telnet / ssh / etc sessions.

And i setup the Active directory, and join all test pc and isa server into AD, then work perfectly. "All users can do telnet / ftp / ssh / pop etc. And select users can go to websites."

Please comment. Than
ks.

(in reply to elmajdal)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> General >> user authentication for firewall clients Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts