Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » NTLM as Hotspot
  •  
alaa

Messages: 25
Karma: 2
Send a private message to this user
Hello
I need kerio control as hotspot
if any body trying to connect to wifi or local lan he must get login page to enter his login details
after I enabled NTLM
I noted that all https are working
also viber & Skype are working !!
how can I solve this issue please
  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
If you want all your users to login via login page, why did you enable NTML ?

Petr Dobry
Product Development Manager | Kerio
  •  
alaa

Messages: 25
Karma: 2
Send a private message to this user
i have wifi with no password
any one can connect to it and access internet direct
so that i enabled NTLM to forcing them to enter login page without having access to internet untill get (username+password)
i will suppose that i added some users to allow them to get full access to internet
for example (Dody & Soso & Mesho)

the problem if new body connected to my wifi and he don't have(user+pass) he will not able to access webpages (http)he will get login page, but he will have full access to open SSL sites (https) + viber+facebook apps+etc..

it supposed he have no access to any internet untill he login
  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
alaa wrote on Tue, 14 October 2014 17:38
so that i enabled NTLM to forcing them to enter login page without having access to internet untill get (username+password)
That's not what NTLM is for. Please read http://en.wikipedia.org/wiki/NT_LAN_Manager

Quote:
but he will have full access to open SSL sites (https) + viber+facebook apps+etc..
it supposed he have no access to any internet untill he login
If you want to allow access to the Internet (for any protocol) only for authenticated users, you need to specify that in traffic rules - http://kb.kerio.com/product/kerio-control/security/configuri ng-traffic-rules-limiting-internet-access-1313.html

Petr Dobry
Product Development Manager | Kerio
  •  
alaa

Messages: 25
Karma: 2
Send a private message to this user
great KB, i read all of them thanks.
now the clients who have (user name and password) can access internet in case i add them in one group for example (registered clients group) in traffic Nat
for non registered clients (not have both username&password) they get cannot find page, which mean the Kerio only give Nat for (registered client group)
how can unregistered client get Login page then get full access after i give them details ?

[Updated on: Tue, 14 October 2014 21:56]

  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
They need to go to http://your_Kerio_Control:4080 and log in.

Petr Dobry
Product Development Manager | Kerio
  •  
alaa

Messages: 25
Karma: 2
Send a private message to this user
Dear petr that is right, they get page and full access after entered them (use&pass)
But how to enforce them to go kerio login page automatic instead of manual
My current traffic rules
Www / Trusted local interfaces-->internet interfaces-->any-->NAT balancing per host
Internet access NAT. / Registered clients-->internet interface-->any-->NAT balancing per host
  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
They'll be redirected the first time they open internet browser automatically.

Petr Dobry
Product Development Manager | Kerio
  •  
sorat

Messages: 54
Karma: 2
Send a private message to this user
@Petr Dobry If you allow HTTPS in protocols, captive portal injection wont work. See this thread http://forums.kerio.com/t/28057// Is this intended, justified by something, or simply bug?
Previous Topic: UDP ports
Next Topic: Automatic redirect to login screen
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Aug 20 08:06:01 CEST 2017

Total time taken to generate the page: 0.00523 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.