User Setup Help
Moderator: Qbik Staff
2 posts
• Page 1 of 1
User Setup Help
by JPerez » Sep 13 05 3:44 am
I am interested in setting up a proxy server for users to be able to connect to certain ports. Our current network uses windows DHCP and Active Directory. Our routers are configured to block most ports except the ones that are absolutely necessary. However, we would like to provide users with the option to connect thru a proxy server to access ports blocked to everyone else (we will open the ports to the proxy server). I have turned off the wingate nat and dhcp since my routers and windows will take care of that. So far, I can connect to the proxy server, but I only see WG Username as Guest and no Username in the history tab. What do I have to do to be able to see what user is connected without installing wingate client on each machine? How are users suppose to authenticate? I see all my users and groups from my active directory under the wingate users tab and they are logging on thru the domain, but I don't see any other user besides WG username Guest in the history.
- JPerez
- Posts: 4
- Joined: Sep 13 05 3:04 am
- Location: San Antonio
by MattP » Sep 13 05 12:58 pm
In order for you to see the user in WinGate you will need to require some form of authentication, this will let WinGate discover who the user is.
You have a couple of options without installing the WGIC. It sounds like you're using the Active Directory user database, so you can use NTLM authentication, (as long as you have a version 6 Professional or Enterprise license) and you can set the client browser to automatically send through the NT login data. The client can therefore connect and authenticate transparently, this gives you the added benefit of setting policies based on users/groups, so you can control internet access via the proxy.
One drawback of this method is that Internet Explorer will not send login information to a website when it knows it is connecting via a proxy server, so any sites that require NTLM authentication will not work properly with this connection method.
You could set up basic authentication, this will pop up a login box for the users who will need to login before they are granted internet access, or you could set up assumptions based on IP addresses so that WinGate assumes that connections from a certain IP address must be a corresponding user.
You have a couple of options without installing the WGIC. It sounds like you're using the Active Directory user database, so you can use NTLM authentication, (as long as you have a version 6 Professional or Enterprise license) and you can set the client browser to automatically send through the NT login data. The client can therefore connect and authenticate transparently, this gives you the added benefit of setting policies based on users/groups, so you can control internet access via the proxy.
One drawback of this method is that Internet Explorer will not send login information to a website when it knows it is connecting via a proxy server, so any sites that require NTLM authentication will not work properly with this connection method.
You could set up basic authentication, this will pop up a login box for the users who will need to login before they are granted internet access, or you could set up assumptions based on IP addresses so that WinGate assumes that connections from a certain IP address must be a corresponding user.
- MattP
- Qbik Staff
- Posts: 991
- Joined: Sep 08 03 4:30 pm
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 3 guests