Just got round to putting our smoothwall box in, setup was fine, but i'm struggling with authentication, can anyone help me?
Currently, when log in and open internet explorer i'm greeted by the cache error message saying my login details are incorrect... however if I open firefox i'm greeted by a login box, where i can authenticate my details. Once i authenticate through firefox internet explorer works fine.
We've gone a step further with firefox, changing the config to allow NTLM, this has taken away the login box and authenticates itself, which then allows ie to work.
But... most of the machines here just run IE, so using firefox to authenticate as a workaround isn't really an option...
Does anyone have any ideas how I can authenticate using internet explorer? (without a popup box)
Smoothwall support has been great so far, but 21000 heads are better than 2 :-)
Two quick things that might help - when using Internet Explorer how are you setting your proxy details? If using manual configuration ensure that you do not proxy for the SmoothWall itself - might need to do this by IP, hostname and FQDN depending on how IE feels today :) Alternatively if you use the auto configuration script at http://smoothwall.address/proxy.pac this should set it up for you.
Also, if you're not intending on doing inline transparent filtering, make sure that transparent isn't ticked on Guardian > Proxy > Web Proxy (towards the top) then save and restart.
Hope this helps, if not please let me know.
Cheers Rob, I've tried the things you suggested, I was using manual proxy, but tried the proxy.pac (no difference).
I then disabled the transparent filtering, which now prompts a login box for IE (which is a bit better, but still not perfect!)
Good stuff. Assuming you're using NTLM Authentication - is this a domain workstation on the same domain as the SmoothWall? Are you logged-in with a domain user account?
Actually just seen you say that Firefox automatically and invisibly logs you in without asking for username and password. In which case is there anything that might make IE think that the SmoothWall isn't a local system, hence not automatically sending login details to it? Like it being on a non-local subnet or by non-standard local intranet zone settings?
Ah, disabling transparent seems to have foobed all authentication, firefox pops the login box too now, but won't accept any of the stuff i enter...
Can you log into your domain using username@FQDN? Is that info populated in AD Users and Computers for all user accounts under user logon name?
It may be (depending on how you're bulk creating accounts) that you're missing info SW relies on to authenticate you.
You can bulk add the FQDN using ADModify if that's the case.