Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » No authentication when user go to SSL websites
  •  
kironet

Messages: 19
Karma: 0
Send a private message to this user
have just recently installed Kerio Control v7.2.2 . I set up that every user is required to log on using local users. Whenever i try to log on to an http website, kerio control website is redirected to authentication page once you input the username and password you have access to the website which is all good.

in the case when i go to https websites. kerio control website is not redirected to authentication page and users can browse without using their account .
any solved ????
thanks
  •  
kironet

Messages: 19
Karma: 0
Send a private message to this user
  •  
markt

Messages: 56
Karma: 4
Send a private message to this user
We control this using traffic rules - we have http in a rule before https, so users have to request a non-http page (such as one of the search providers) first to authenticate, then they are permitted access to https sites. As you, our users have to be authenticated prior to accessing web pages - we use domain users but thay shouldn't make any difference.
  •  
kironet

Messages: 19
Karma: 0
Send a private message to this user
thanks put can u tell me more ?
  •  
kironet

Messages: 19
Karma: 0
Send a private message to this user
how this plz

[Updated on: Mon, 05 March 2012 05:19]

  •  
markt

Messages: 56
Karma: 4
Send a private message to this user
In your traffic rules, you need at a minimum two rules.
The first should be to allow http protocol/service traffic for your users and your users must have to authenticate first - this is already setup reading your posts. The second rule must be after (below) the http rule and specify the https protocol/service and again for the users you wish to give access to.

Kerio will not prompt for authentication to https sites (I have had the same issue with other proxy / utm type products too, one of the drawbacks of tyring to control https traffic I'm afraid).

If you don't have https controlled by a rule and yet you have a final rule allowing everything else, then you will never be challenged to log in.

Hope this helps a little.
  •  
kironet

Messages: 19
Karma: 0
Send a private message to this user
  •  
kironet

Messages: 19
Karma: 0
Send a private message to this user
hayyy can u tell me how i try every thing i cant did it

like this :-

first rule



Source: ?
Destination: ?
Service: ?
Action:?
Log:
Translation: ??? NAT (default outgoing interface)
Protocol Inspector:???? Default

second rule :

Source: ?
Destination: ?
Service: ?
Action:?
Log:
Translation: ??? NAT (default outgoing interface)
Protocol Inspector:???? Default
Previous Topic: Block all except through vpn
Next Topic: VPN client connection to a different server in the LAN
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Nov 23 06:41:58 CET 2017

Total time taken to generate the page: 0.00423 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.