Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 7 Nov 1997 00:11:38 -0800
From:      Ben Pepa <webmaster@nwss.sd40.bc.ca>
To:        Brian Weber <brian@cbiowa.com>
Cc:        freebsd-isp@FreeBSD.ORG
Subject:   Re: User name authentication through firewalls
Message-ID:  <l03110704b0887b8d3976@[24.112.126.210]>
In-Reply-To: <Pine.BSF.3.95q.971107131922.485A-100000@student.unpar.ac.id>
References:  <345E51BB.5739DD57@cbiowa.com>

next in thread | previous in thread | raw e-mail | index | archive | help
> Here is what I am up against.  I am asked to install a firewall that
> will allow traffice on different ports.  So far pretty standard.  They
> want that access given through user name not ip address.  That is were
> the problem is.  I have been told that NT can do this through there
> proxy server.  Is this possible through freebsd or linux or should I
> just go with the nt solution.
> 	Please tell me there is a way to make unix do this!!!!
>

What I had implemented for our high school lan was to use my FreeBSD box as
a gateway using ipfw and natd.  The clients were Novell & Macintosh
computers running Netscape.  Netscape would boot to a user login screen.
They would submit their login name & password to the local server (as local
packets didn't need exterior routing - our intranet).  It would then, if
authenticated, add a route from the client machine so they could get onto
the internet.

And, I set the server to logoff clients after 30 minutes using crontab (by
flushing the ipfw rules).  This limited students to 30 minutes per login.

Ben





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?l03110704b0887b8d3976>