+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 24
*nix Thread, Endian Firewall in Technical; Hiya all, we have a Endian Firewall and i`m trying to get it to automatically pass the login credentials from ...
  1. #1

    Join Date
    Nov 2008
    Location
    Derby, UK
    Posts
    169
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    13

    Endian Firewall

    Hiya all,

    we have a Endian Firewall and i`m trying to get it to automatically pass the login credentials from the windows 7 clients to the firewall using AD.

    I have successfully joined it to the network, and I can see the computer account on my windows Server, but it refuses to pass the login info, when you try to access a site a log in box appears asking for login and password I fill this in (according to my access policy) and it just bounces back as if its the wrong password.

    I have tried various things with no luck, I even have one of the techy's from one of our partner schools looking into it, and he seems to get the same results on his test box. I`m using version 2.4.

    Cany anybody shed any light on this?

  2. #2

    Join Date
    May 2009
    Posts
    257
    Thank Post
    37
    Thanked 10 Times in 10 Posts
    Rep Power
    13
    are they macs ? we have endian firewall and it hates the mac NTLM support. Ive not used 2.4 but i know it deffinatly works in 2.3. would you like a screenshot of my domain settings page ? Also you might need to change group policy to allow insecure domain access (or something like that) It took me ages to figure out how to make it work properly
    Last edited by squeeky; 4th November 2010 at 04:23 PM.

  3. #3

    Join Date
    Nov 2008
    Location
    Derby, UK
    Posts
    169
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    13
    No they are all windows 7 PC's, id love a screen shot of your settings page, iv tried modifying the local policy whether it was that I changed I cant remember now.

    Thanks

  4. #4


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,485
    Thank Post
    867
    Thanked 854 Times in 675 Posts
    Rep Power
    197
    Try it with XP. If it works with XP its probably an incompatibility with their version of samba, in which case there's a registry hack somewhere to downgrade Win7's more aggressive NTLM requirements

  5. #5

    Join Date
    May 2009
    Posts
    257
    Thank Post
    37
    Thanked 10 Times in 10 Posts
    Rep Power
    13
    Right ive done some screenshots. Our domain server is (DT-SERVER) 192.168.1.2 and our domain is DESIGNTECH.SCHOOL (fully qualified). Personally ive had issues with anything above windows 2003 server. Win 7 isnt the issue as we have a test client running as stock and the internet works on that. The error in NTML is between your server and and endian. If its looking then thats because either the credentials arnt ever getting to the server or its rejecting them. For NTML you must use IE. Use a packet sniffer on your server and see if you can see any credentials comming through to the server (tho they will be encrypted) the problem probably lines between different versions of ntlm on your server and what endian expects. check the squid logs aswell eg error.log cos that will tell you if the username was invalid or what. Let me know if you have more issues because ive got other ideas.


    This was interesting
    http://developers.de/blogs/damir_dob...r-2008-r2.aspx






    Last edited by squeeky; 4th November 2010 at 11:25 PM.

  6. #6

    Join Date
    Nov 2008
    Location
    Derby, UK
    Posts
    169
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    13
    Thanks for the screenshots, the only thing I was missing was the DNS routing which iv added, and just in the process of restarting the system.

    Iv installed wireshark on the AD server and first initial capture didnt show any packets coming from my client, and that was from an XP machine, I will try again to confirm.

    I do get TCP denied errors in the proxy log tho.

  7. #7

    Join Date
    May 2009
    Posts
    257
    Thank Post
    37
    Thanked 10 Times in 10 Posts
    Rep Power
    13
    Well the information doesnt go straight from the XP client to the Windows Server. It goes like this XP Auth ----> Squid (endian) pass access controls -----> windows server.
    Last edited by squeeky; 5th November 2010 at 02:11 PM.

  8. #8

    Join Date
    Nov 2008
    Location
    Derby, UK
    Posts
    169
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    13
    Just had another look Wireshark shows communication with the firewall. I can see the firewall sending request to the AD server but, when the ad server replies it show error packets with a STATUS_PIPE_DISCONECTED error

  9. #9

    Join Date
    May 2009
    Posts
    257
    Thank Post
    37
    Thanked 10 Times in 10 Posts
    Rep Power
    13
    Hmm. Thats new. Im pretty sure thats to do with security settings on AD server. Can show a copy of the error log that squid gives ?

  10. #10

    Join Date
    Nov 2008
    Location
    Derby, UK
    Posts
    169
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    13
    Hope this helps

    Untitled.jpg

  11. #11

    Join Date
    May 2009
    Posts
    257
    Thank Post
    37
    Thanked 10 Times in 10 Posts
    Rep Power
    13
    It does but to find out more i need you to SSH in to the endian box and get /var/logs/squid/error.log and paste it here because the log you shown is access.log

  12. #12

    Join Date
    Nov 2008
    Location
    Derby, UK
    Posts
    169
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    13
    I`m not sure how to actually get the file off the box, if you can talk me through it i`ll do it.

  13. #13

    Join Date
    May 2009
    Posts
    257
    Thank Post
    37
    Thanked 10 Times in 10 Posts
    Rep Power
    13
    Have you got ssh enabled ? if so download WINSCP (an ssh file manager) and then login that way using your terminal username and password. If not you can enable it on the web interface

  14. #14

    Join Date
    Nov 2008
    Location
    Derby, UK
    Posts
    169
    Thank Post
    0
    Thanked 3 Times in 3 Posts
    Rep Power
    13
    Iv already got SSH enabled did it throught the web interface, i`m using Putty

  15. #15

    Join Date
    May 2009
    Posts
    257
    Thank Post
    37
    Thanked 10 Times in 10 Posts
    Rep Power
    13
    putty wont really help you. If you use WINSCP youll see you entire file structure and can just drag the files to your hard disk.


    or do vi (or vim)

    vi /var/log/squid/error.log

    or

    vim /var/log/squid/error.log

    send a screenshot of the bottom of that file over
    to quit type :q
    Last edited by squeeky; 5th November 2010 at 04:32 PM.



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Endian Firewall and Windows Updates
    By Craig_W in forum *nix
    Replies: 7
    Last Post: 6th December 2011, 04:05 PM
  2. firewall
    By kevin_lane in forum Windows Server 2008 R2
    Replies: 3
    Last Post: 27th October 2010, 02:49 PM
  3. Endian Firewall Problems
    By Craig_W in forum *nix
    Replies: 3
    Last Post: 31st July 2007, 03:17 PM
  4. Endian Firewall
    By Craig_W in forum *nix
    Replies: 10
    Last Post: 6th July 2007, 05:23 PM
  5. Endian firewall
    By plexer in forum *nix
    Replies: 16
    Last Post: 2nd October 2006, 11:15 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •