BorderManager proxy - IP/user authentication - Netware

This is a discussion on BorderManager proxy - IP/user authentication - Netware ; Hello, How to configure HTTP proxy in BorderManager 3.8 accorrding to the following rules: 1) some IP addresses must have access to Internet without authentication 2) some users (i.e. administrators) must have access to Internet from all machines, after authentication ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: BorderManager proxy - IP/user authentication

  1. BorderManager proxy - IP/user authentication

    Hello,

    How to configure HTTP proxy in BorderManager 3.8 accorrding to the
    following rules:

    1) some IP addresses must have access to Internet without authentication
    2) some users (i.e. administrators) must have access to Internet from all
    machines, after authentication (SSL authentication is preferred because a
    large number of machines haven't Netware clients)

    If authentication is enabled in BM setup, users from all machines have to
    authenticate themselves, even if there is an access rule explicitly
    allowing some IP addresses to access, with any destination IP.
    If authentication is disabled, these IP addresses can access the Internet,
    however, other machines cannot, even if there is an access rule allowing
    some NDS users to access.

    Please help.

    Jacek

  2. Re: BorderManager proxy - IP/user authentication

    Jacek Sierpinski wrote:

    > Hello,
    >
    > How to configure HTTP proxy in BorderManager 3.8 accorrding to the
    > following rules:
    >
    > 1) some IP addresses must have access to Internet without authentication
    > 2) some users (i.e. administrators) must have access to Internet from all
    > machines, after authentication (SSL authentication is preferred because a
    > large number of machines haven't Netware clients)
    >
    > If authentication is enabled in BM setup, users from all machines have to
    > authenticate themselves, even if there is an access rule explicitly
    > allowing some IP addresses to access, with any destination IP.
    > If authentication is disabled, these IP addresses can access the Internet,
    > however, other machines cannot, even if there is an access rule allowing
    > some NDS users to access.
    >
    > Please help.
    >
    > Jacek


    Hi,

    On the BorderManager authentication option from within NWADMIN you have to
    enable "Authenticate Only when user attempts to access a restricted page".
    In addition you have to be carefull with the rule order (first hit will
    match). So you place the most global rule on the top of the list. If you
    defined access rules based on IP addresses or networks they would be on the
    top of the list as well.

    You can verify the effective rule order using the "Effective Rules" button
    ont the BorderManager Access Rules configuration page. Keep in mid that you
    can as well store rules on the container object. Border reads the rules
    from the NCP server object up to the root.

    HTH

    Klaus



+ Reply to Thread