NTLM - Re-authentication

WinGate Proxy Server and other Qbik products

Switch to full style
Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Post a reply
marshm
  • marshm
  • Posts: 3
  • Joined: May 28 05 12:09 am

NTLM - Re-authentication

May 28 05 12:15 am

Hello

I am trying to set up a demonstration system using Wingate to control user access to the Internet, but am having some difficulties.

Wingate is using the local Windows XP user accounts, with NTLM for authentication.

As expected, when a user trys to get onto the Internet, a box appears, they enter their un/pw and they have access. However, if I boot them off from gatekeeper, or if their session times out - the login box will not appear again. Wingate reports that the user is now "assumed" instead of "authenticated". Assumed users are not allowed, so access is denied.

How do I stop Wingate assuming a user and instead make it ask for un/pw to reauthenticate?
marshm
  • marshm
  • Posts: 3
  • Joined: May 28 05 12:09 am

May 28 05 1:37 am

UPDATE: It seems it all works perfectly if I tell IE to use the proxy server manually. However, this is not ideal solution, and would much prefer the transparent proxying to function correctly. Any ideas?
adrien
  • adrien
  • Posts: 5448
  • Joined: Sep 03 03 2:54 pm
  • Location: Auckland
  • Website

May 28 05 10:21 am

Hi

Normally WinGate will re-ask for authentication if the session does not have the required security level (i.e. is assumed rather than authenticated).

Does this only happen if the session aborts abnormally?

Transparent proxy using NTLM isn't an ideal situation really, since the browser thinks it is talking to, and authenticating with the remote server. Therefore it associates the user credentials with the site it thinks it is talking to. That means if you use NTLM on Transparent Proxy, the browser will pop up a UN/PW dialog box for every site you go to, unless you configure the browser to automatically use the currently logged in credentials.

Adrien
marshm
  • marshm
  • Posts: 3
  • Joined: May 28 05 12:09 am

Jun 02 05 2:53 am

This does not seem to be an NTLM problem, as I've just retried this with the Java client, and the exact same problem occurs.

If the client is not authenticated, and no proxy is specified in Internet Connection Settings, then no Java window or NTLM un/pw box will appear. If I manually put in the proxy server, it works flawlessly every time.

I have the WWW Proxy Server set to transparent proxying on port 80. This seems to be completely ignored.

Any suggestions?
Post a reply
Switch to full style

Powered by phpBB © phpBB Group.

phpBB Mobile / SEO by Artodia.

Board index