On Friday 20 June 2003 03.29, Wei Ming Long wrote:
> Hi everyone,
> I have been tasked with a project to grant web access to some
> laptop clients.
> I have some wireless clients & some of them have permission to surf
> the internet & others don't. All web requests on port 80 are
> redirected by iptables to the Squid proxy server, can I use
> Freeradius to authenticate the users before sending the requests
> out into the internet. And if the users are
> not allowed to surf the internet, a web page will be sent to them
> telling them
> they are denied access. Can this be done?
Authentication to FreeRADIUS can be done yes. Recommended method is to
use the native Radius helper linked from the Squid home page.
However, please note that the Radius helper is currently looking for
a new maintainer as the original maintainer does not have time or
need to maintain it any longer, and as a result of this the helper
have not yet been updated for Squid-2.5 and may have problems with
certain passwords having odd characters in them. Other than this it
should work fine with Squid-2.5.
However, you cannot combine authentication and interception of port
80. To use authentication the browser must be aware it is using a
proxy, or else the browser will not agree on doing proxy
authentication to a proxy which should not be there..
Regards
Henrik
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, info@marasystems.comReceived on Fri Jun 20 2003 - 05:26:12 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:28 MST