Jump to content


Photo

Local user authentication

web filter 310 users authentication dns

  • Please log in to reply
1 reply to this topic

#1 Pat Edinger

Pat Edinger
  • Members
  • 2 posts

Posted 22 August 2015 - 08:56 AM

I have a situation I cannot figure out and I am sure it is documented, but I just can’t seem to make it work.

 

I am volunteering at a school as their network guy and inherited a web filter 310. The school is setup into various wireless and wired LAN's and everything passes through the 310 before hitting the internet.

 

I have enabled authentication to the domain controller and it works well for people who login to the domain controller to show them as authenticated. The issue I have is twofold.

 

First, the unauthenticated users all have local accounts but they don’t log into them because the 310 is not providing a login screen. At some point last year the administrator – since gone, had them all log in with local accounts and no domain controller. I want the 310 to provide everyone with a login page and then to use local users if not authenticating to the domain controller. This is particularly important on the schools guest wireless network, which is used by almost everyone for his or her phones, tablets, etc…. How do I get them presented with that login web page? I’ve tried every setting I can find in the documentation with no success.

 

Second, when someone goes to a blocked site, they get a not trusted web page, not a barracuda page, they can power on to after about three clicks get a barracuda blocked page. I assume this has to do with the credentials of the user and also the 310 as far as domain name etc… Can someone point me to some help on either of these issues?



#2 John Irwin

John Irwin
  • Barracuda Team Members
  • 54 posts

Posted 24 August 2015 - 09:23 AM

so we have an inline deployment with LDAP AD integration.

the first thing to be sure of

With Local user accounts created(normally when no authentication is used) this local username cannot be the same as an LDAP name, it must be different as it may be seeing the ldap name and will not provide a login because of single single sign on. while there may be another issue with LDAP /rules/ or policy engine/services. a technician would be able to help determine the concern. have the school verify with us that your name is added to the account for contacting us and we can then assist you further to better determine the cause. we are available 24/7 for you.