Web Proxy Authentication (Full Version)

All Forums >> [ISA Server 2004 Cache] >> General



Message


Naluri2003 -> Web Proxy Authentication (28.Jun.2005 7:27:00 AM)

I have a ISA Server 2004 server in a workgroup (DMZ) and configured as a RADIUS client to authenticate with a RADIUS Server in a trusted LAN which is also an Active Directory domain controller. The RADIUS is configured to authenticate against the AD.

Is it possible for users from the trusted LAN to access the Internet without the need to authenticate with RADIUS via a pop-up box, something like single sign on ?

If I want to achieve single-sign on must I bring the ISA Server into a domain ?

Also, I am not able to use groups (user is OK)when configuring the access list for RADIUS. Is this by design ?

Thanks.




tshinder -> RE: Web Proxy Authentication (29.Jun.2005 10:26:00 PM)

Hi Naluri,

Check out the article on the front page of the site on ISA firewall best practices -- you should join the ISA firewall to the domain, for single sign on and much, much more in terms of improving security.

RADIUS groups are configured on the ISA firewall. You must populate them one user at a time. This is RADIUS limitation and another strong reason for joining the ISA firewall to the domain.

HTH,
Tom




Page: [1]