+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 35
Internet Related/Filtering/Firewall Thread, Smoothwall Help in Technical; ...
  1. #16
    mounters's Avatar
    Join Date
    Mar 2006
    Location
    Northumberland
    Posts
    199
    Thank Post
    22
    Thanked 70 Times in 59 Posts
    Rep Power
    29
    Go to here services » authentication » include groups and select the appropriate user groups you want to include. Then go here services » authentication » groups and map the LDAP groups to the smoothwall group.

    This will ensure that all your users are mapping to the appropriate smoothwall group.

  2. #17
    DSapseid's Avatar
    Join Date
    Feb 2007
    Location
    West Sussex
    Posts
    1,155
    Thank Post
    131
    Thanked 54 Times in 47 Posts
    Rep Power
    38
    Excellent it was the authentication settings at the bottom of the page all is now working

    I have just had an argument with some pupils as they cant play games anymore Teacher loved it though means they have to stay on task

    BOFH me?? ....... never

    Cheers for all the help

  3. #18
    DSapseid's Avatar
    Join Date
    Feb 2007
    Location
    West Sussex
    Posts
    1,155
    Thank Post
    131
    Thanked 54 Times in 47 Posts
    Rep Power
    38
    Yep you guessed it another problem!!

    90% of my users are appearing as unauthenticated ip's when they get the block page instead of staff or students. I have set up groups called staff and students that match with my ad groups called all staff and all students. Why is it doing this??

    Oh just another quick thing how can i redirect a webpage to another?? I use a websearch page that provides with income so i want to redirect google/yahoo/ask etc to this page

    Sorry for all the questions but my exchange server is dying so i am having such a fun time!!!

    Cheers

    Dan

  4. #19
    krisd32's Avatar
    Join Date
    Feb 2006
    Location
    Longridge, Preston
    Posts
    545
    Thank Post
    85
    Thanked 68 Times in 47 Posts
    Rep Power
    43
    What authentication type are you using? NTLM? go to gaurdian then authentication in the gui and check the settings in there.

  5. #20
    DSapseid's Avatar
    Join Date
    Feb 2007
    Location
    West Sussex
    Posts
    1,155
    Thank Post
    131
    Thanked 54 Times in 47 Posts
    Rep Power
    38
    im using 'NTLM Identification (Terminal Services compatibility mode)' is this the right one to be using??

  6. #21
    krisd32's Avatar
    Join Date
    Feb 2006
    Location
    Longridge, Preston
    Posts
    545
    Thank Post
    85
    Thanked 68 Times in 47 Posts
    Rep Power
    43
    I'm just using ntlm identification. it should be ok i suppose. what about the groups down at the bottom of the page for the web proxy allow. what are your settings in there?

  7. #22
    DSapseid's Avatar
    Join Date
    Feb 2007
    Location
    West Sussex
    Posts
    1,155
    Thank Post
    131
    Thanked 54 Times in 47 Posts
    Rep Power
    38
    attached is a screen shot of my authentication settings. I have only set the unauthenticated one to be filtered as instead of no as i was getting winged at that they couldn't get onto any site!
    Attached Images Attached Images

  8. #23


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,507
    Thank Post
    871
    Thanked 862 Times in 681 Posts
    Rep Power
    199
    Dan,

    Is there anything different about these 90%? It seems like they are not getting the NTLM challenge. Definitely *unathenticated ips* and not default users?

    As for redirecting search - look at your custom categories, and create one of type "content security" - the URL security rules in there allow you to use regular expressions to redirect user requests.

  9. #24
    DSapseid's Avatar
    Join Date
    Feb 2007
    Location
    West Sussex
    Posts
    1,155
    Thank Post
    131
    Thanked 54 Times in 47 Posts
    Rep Power
    38
    Hi Tom,

    Attached is a screen shot of the block page i get logged in as my test student. There is nothing different about the users at all, it is affecting staff and students though so they are obviously different!

    Dan
    Attached Images Attached Images

  10. #25
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,505
    Thank Post
    10
    Thanked 508 Times in 445 Posts
    Rep Power
    116
    Quote Originally Posted by DSapseid View Post
    Hi Tom,

    Attached is a screen shot of the block page i get logged in as my test student. There is nothing different about the users at all, it is affecting staff and students though so they are obviously different!

    Dan
    Have you restarted the smoothwall box? Sometimes ours stops being able to authenticate NTLM, I assume it's something to do with the machine account password expiring in AD.

    Looking at the auth messages in the system log would be a lot more use for diagnostics.

  11. #26
    DSapseid's Avatar
    Join Date
    Feb 2007
    Location
    West Sussex
    Posts
    1,155
    Thank Post
    131
    Thanked 54 Times in 47 Posts
    Rep Power
    38
    I have restarted the server and still the same! I looked at the logs as suggested but nothing glaringly obvious (well to me anyway!) however when i look on the realtime - system page i get the following message appearing every few seconds for different users. Im assuming this is what the problem is!

    Jun 22 10:24:09 s_sys@MCC-SVR-01 dansguardian[12412] Reponse from AuthD not marked as OK; this is what we got:
    Jun 22 10:27:29 s_sys@MCC-SVR-01 smoothauthd LDAP user search user=poolj002@INTERNAL.MANHOOD.SUSSEX.SCH.UK filter=(userPrincipalName=poolj002@INTERNAL.MANHOO D.SUSSEX.SCH.UK) searchbase=OU=Manhood Community College,DC=Internal,DC=Manhood,DC=Sussex,DC=sch,DC =uk

  12. #27

    rob_f's Avatar
    Join Date
    May 2008
    Location
    Leeds
    Posts
    232
    Thank Post
    16
    Thanked 76 Times in 58 Posts
    Rep Power
    26
    That looks generally OK. Do you perhaps have a funny netbios name for your network? I say funny, I think it assumes that it is "INTERNAL" based on your LDAP context above.

    I'd be inclined to force it to whatever it needs to be under the advanced settings on the auth settings page.

    Also, do all your users have username@domain style login names on their account tab in AD? If not, either get them created with something like ADinfinitum or whatever it's called, or tick the Use SAM Account Name in the same advanced auth settings section.

    Failing that, feel free to give support a call. We all love a good AD query


    Rob.

  13. #28
    DSapseid's Avatar
    Join Date
    Feb 2007
    Location
    West Sussex
    Posts
    1,155
    Thank Post
    131
    Thanked 54 Times in 47 Posts
    Rep Power
    38
    No i dont have a funny netbios name, the netbios name is the 'internal.manhood.sussex.sch.uk' one and domain name is 'mcc'.

    All users have a <username>@mcc enabled in AD.

    Think i may phone support because i dont want to start messing around with the sam thing.

  14. #29
    DSapseid's Avatar
    Join Date
    Feb 2007
    Location
    West Sussex
    Posts
    1,155
    Thank Post
    131
    Thanked 54 Times in 47 Posts
    Rep Power
    38
    Theres no response on the smoothwall number i ring the 08700 1999 500 number and dont get the woman giving all the options it just rings i have held on for over a minute and still nothing!

  15. #30

    rob_f's Avatar
    Join Date
    May 2008
    Location
    Leeds
    Posts
    232
    Thank Post
    16
    Thanked 76 Times in 58 Posts
    Rep Power
    26
    Hmm, that's strange. Just tried now and it's ok. Give it another go and if it's not working i'll get someone to call you.

    RE netbios name, it should be what you see in the domain box on windows PCs when you login - it is by default the leftmost portion of the DNS domain name and won't contain any dots.



SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Thanks Smoothwall
    By ninjabeaver in forum Internet Related/Filtering/Firewall
    Replies: 10
    Last Post: 7th March 2009, 01:05 PM
  2. Smoothwall
    By kylewilliamson in forum Internet Related/Filtering/Firewall
    Replies: 0
    Last Post: 22nd February 2009, 12:31 AM
  3. Smoothwall 3.0
    By Messa in forum Wireless Networks
    Replies: 4
    Last Post: 20th November 2008, 09:51 AM
  4. Smoothwall
    By CyberNerd in forum *nix
    Replies: 9
    Last Post: 8th March 2007, 08:38 PM
  5. Goodbye Smoothwall Hello Smoothwall
    By Simcfc73 in forum Wireless Networks
    Replies: 2
    Last Post: 30th June 2006, 07:55 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •