Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Help with web authentication
  •  
hrivera

Messages: 6
Karma: 0
Send a private message to this user
Hello everybody. I'm new to Kerio Control and I like it a lot so far. I'm trying to use Kerio's "require users to be authenticated to access web pages" option as my captive portal. I've integrated Kerio with an Active Directory and I pull authentication credentials from there. Is there a way to force authentication for users that connect through a specific interface/VLAN only?

For example:
Suppose my setup is Single Internet Link > 2 LAN interfaces (1 for the computers connected via ethernet cable and the other one for the WiFi devices). I would like the captive portal to work only for devices which access the internet through WiFi.
  •  
Brian (GFI/Kerio)

Messages: 763
Karma: 75
Send a private message to this user
When you enable this option, it applies to all local networks (except guest interfaces). However, you can build a policy that does NOT require authentication for specific networks. You can do this in the content filter. Create a rule where the detected content is 'any', the source is an IP address group that includes anyone that does not need to authenticate, and for the action you allow the traffic and check the box to not require authentication.

However, in your case I suggest a slightly different approach. Since you want to apply authentication only to a wireless LAN, I suggest to not use the "require users to be authenticated" option. Rather, you should use RADIUS (WPA2-enterprise). This option will force users of your wireless network to authenticate with their credential immediately when joining the wireless LAN, rather than after they join. WPA2-enterprise is a much more secure and manageable approach. http://kb.kerio.com/1648

Brian Carmichael
Instructional Content Architect
  •  
hrivera

Messages: 6
Karma: 0
Send a private message to this user
Thanks for your quick response, I will look into RADIUS (WPA2-enterprise), it does sound as a better approach. Again, thanks a lot.
Previous Topic: Uptime
Next Topic: load balance issue
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Oct 23 19:23:00 CEST 2017

Total time taken to generate the page: 0.00442 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.