Hello,
Before some months i purchase WinGate and i installed it on a boat. I have create 12 users in WinGate and guests (physical clients) are using these accounts to access the internet with the current available internet connection (Satellite, UMTS, Landline, etc).
The best configuration for my scenario was to use ENS with Transparent Proxy Enabled WWW Proxy. User to authenticate uses the Java login authentication. This scenario works fine because i don't want to access client's equipment with zero configuration and there no one on board that could resolve these issues.
Now i am thinking to go a step further and i need some help on the following:
When a user open's the browser the java applet is running through WinGate internal web server and ask's to enter username/password. User until enter the appropriate username and password is not able to access internet at all, but his is able to access the internal network, such as printers, routers, remote desktop to computers, etc. What i need is the user until authenticate to don't have any access to the local network except off DHCP Server (I use Wingate DHCP Service) and the java login applet through browser. I need this extra configuration because i want to remove the security from the access points and the only security gateway to the whole network to be Wingate through java authentication.
Thanks in Advance.
Regards,
Nikos Z.
Make Internal LAN unreachable until user authenticate
Moderator: Qbik Staff
4 posts
• Page 1 of 1
Make Internal LAN unreachable until user authenticate
by bytelord » Apr 28 10 2:12 am
- bytelord
- Posts: 7
- Joined: Apr 28 10 1:50 am
Re: Make Internal LAN unreachable until user authenticate
by Alen » Apr 28 10 2:49 am
bytelord wrote:What i need is the user until authenticate to don't have any access to the local network except off DHCP Server (I use Wingate DHCP Service) and the java login applet through browser.
If under network we understand just network hosts connectivity, then you need to deploy 802.1X protocol on your network.
If under network we understand network resources access, then you need Active Directory.
Wingate is not destined to be used in these manner at all...
- Alen
- WinGate Master
- Posts: 217
- Joined: Sep 21 09 7:50 pm
Re: Make Internal LAN unreachable until user authenticate
by adrien » Apr 28 10 3:28 am
Hi Nikos
Actually the users must already have some sort of LAN access - that's how they can access WinGate. If you disable security at the access point (are the users using wireless?) then the only security will be the OS security on the LAN itself. So you will probably want to lock down what they can do on the LAN, e.g. with Active Directory. WinGate isn't designed to be a local network security solution, the OS already covers that.
Regards
Adrien
Actually the users must already have some sort of LAN access - that's how they can access WinGate. If you disable security at the access point (are the users using wireless?) then the only security will be the OS security on the LAN itself. So you will probably want to lock down what they can do on the LAN, e.g. with Active Directory. WinGate isn't designed to be a local network security solution, the OS already covers that.
Regards
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: Make Internal LAN unreachable until user authenticate
by bytelord » Apr 28 10 5:12 am
Hi,
Thanks for the fast response. Until now wingate works great for me. Mostly i was asking if it was possible to build something like hotspot with Wingate with all the other things that is possible to do.
Thanks again for your time.
Best Regards,
Nikos
Thanks for the fast response. Until now wingate works great for me. Mostly i was asking if it was possible to build something like hotspot with Wingate with all the other things that is possible to do.
Thanks again for your time.
Best Regards,
Nikos
- bytelord
- Posts: 7
- Joined: Apr 28 10 1:50 am
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 44 guests