Jump to content


larrywl's Content

There have been 7 items by larrywl (Search limited from 22-June 09)


By content type

See this member's

Sort by                Order  

#48264 Webfilter loses connection to Domain

Posted by larrywl on 25 May 2010 - 08:59 AM in Barracuda Web Security Gateway

We have to click "Join Domain" 2-4 times per week to fix authentication issues.



#48263 Installing IE8 causes some NTLM authentication failures

Posted by larrywl on 25 May 2010 - 08:57 AM in Barracuda Web Security Gateway

We still get 2-6 calls per day from staff who get denied access to non-blocked pages, and I can see 1-2 dozen corresponding Web log entries where the username is blank ("-"). The user logs out and back into the same Citrix server and everything is fine. No patterns I can find, just occasional NTLM hiccup, and only on Citrix servers with IE8 loaded.



#47759 Webfilter loses connection to Domain

Posted by larrywl on 19 April 2010 - 09:50 AM in Barracuda Web Security Gateway

We also occasionally get this. We have 3 domain controllers, and I have to enter a different domain controller and click "Join Domain" under the NTLM Authentication Service tab to get authentication to start working again. No pattern, rhyme, or reason as to why we get this.



#47650 Installing IE8 causes some NTLM authentication failures

Posted by larrywl on 12 April 2010 - 09:04 AM in Barracuda Web Security Gateway

We run a 410 inline in hybrid mode (PC users authenticated by LDAP, Citrix users authenticated by NTLM). We set the proxy settings for the Citrix users via Group Policy, and the Citrix farm is set to assign Virtual IP addresses to each user. This has been working fine for us since last year.We recently began upgrading the Citrix servers from IE6 to IE8, but stopped when we found that sometimes a user would be presented the Barracada "Access Denied" screen and request their credentials. This us seeminly random - it does not happen to specific users, to specific servers, or at specific intervals - and just to the newly upgrade IE8 systems. When we look in the Domain Controller event logs, we see that the users have received a valid virtual IP address. When we look at the Barracuda log, we see the IP address of the request but the user name is blank (shows a "dash" in the log).Barracuda looked at this and suggested that this might be my problem: http://support.citrix.com/article/CTX120856 - I used GPO to add the Barracuda to the "Trusted Sites" in IE for all Citrix users, but it did not make a difference.Has anyone else seen this, or possibly have an explanation as to what would have changed in IE8 to possibly make NTLM authentication not always work?Thank you!



#46955 WF NTLM Auth - Multiiple DC specification

Posted by larrywl on 10 February 2010 - 11:58 AM in Feature Requests

I second that request. We are also having issues where NTLM authentication just stops on one of our DCs, so having a backup DC configured to the WF would be nice.



#46238 Warned Activity Timeout question

Posted by larrywl on 16 December 2009 - 12:12 PM in Barracuda Web Security Gateway

Does that timeout ever expire? For instance, if I set it to 30 minutes for a site, is the user ever able to visit that site again after the 30 minutes are up? I'm hoping that the timeout eventually DOES expire (ideally daily) so that I can limit access to these sites for a short period each day.If the timeout setting means that the user can never connect to that site again after the limit has been reached, is there another means within the Barracuda that would allow me to configure a daily time limit to sites by user?Thanks!



#46236 Warned Activity Timeout question

Posted by larrywl on 16 December 2009 - 11:57 AM in Barracuda Web Security Gateway

Brand new Barracuda user and first time posting here...Does the "Warned Activity Timeout" reset itself after some period of time? I'd like to have some way to give users a limited amount of time per day to access certain web pages - ideally, I would set these sites to "Warned" and the user would not be able to access the site(s) until the next day (or 24-hour period) once their time has been exceeded.Any thoughts would be appreciated!