Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Daley Lay on June 11, 2002, 12:52:00 PM
-
Hi There,
Pls help, my proxy user authentication is stop working, i don't know what is the problem, the user is bypsssing the password prompt to access the internet now, what shd i do???
regards,
Daley
-
Check /etc/squid/squid.conf file for auth rules. Can't remember exactly but should be something like "http access proxy_auth REQUIRED" followed by some ACL's. If this is not present - rebuild the template with /sbin/e-smith/expand-template /etc/squid/squid.conf and also try restarting squid /etc/rc.d/init.d/squid restart or maybe service squid restart.
-
is any howto for this??Lloyd Keen wrote:
>
> Check /etc/squid/squid.conf file for auth rules. Can't
> remember exactly but should be something like "http access
> proxy_auth REQUIRED" followed by some ACL's. If this is not
> present - rebuild the template with
> /sbin/e-smith/expand-template /etc/squid/squid.conf and also
> try restarting squid /etc/rc.d/init.d/squid restart or maybe
> service squid restart.
-
How about the http://linux.made-to-order.net/article138.html??? does it help...
-
Quick howto:
Download the rpm from here: http://www.comnetel.com/tmp-mitel-pam-auth-0.1-1.noarch.rpm
Installation:
#rpm -Uvh tmp*
restart squid:
#/etc/rc.d/init.d/squid restart
Now set your browser to use the proxy server.
-
Hi Keen,
I'm currently running squidguard30, can i install it???
-
I haven't really had a look at Trevor's stuff, I presume its for blocking porn or similar. The rpm that I used will basically just authenticate all valid e-smith users through squid. I imagine that those authenticated users are then passed on to squidguard for further authentication - so YES it should work just fine.
-
well, i assume this is the password authentication for proxy user to access through squid, what about your earlier mentioned - check /etc/squid/squid.conf file for auth rules and http access proxy_auth REQUIRED" and rebuild the template.
Thanks.
-
This rpm will add those lines to /etc/squid/squid.conf for you.
-
Its necesary to configure the browsers to use the proxy?, i read that sme 5.1.2 has transparent proxy by default, or am i wrong? and if you had to configure the browsers how can you block the clients that doesnt use it (i mean only nat)?
-
Yes you MUST set the browser to use the proxy server, you can't authenticate against a Transparent Proxy (which e-smith has by default). If you want to block particular users then you'd setup an Access Control List for those users.
-
I'm using e-smith-squid on 4.1.2
Works just fine. You configure it by browser
http://e-smith.dyndns.org/
Cheers
-
Hi Patrick,
yes, but the e-smith-squid does not really work on 5.1.2.
-
Hi Keen,
It is using the /etc/passwd to authenticate, well, if you look at the e-smith-squid installed, you will have the separate passwd control for authentication check which is stored /etc/squid/squidpasswd, this means that only selected users are allow to access internet, how can i change it???
-
Hi Keen,
> This rpm will add those lines to /etc/squid/squid.conf for you.
what lines added?
-
Edgar wrote:
>
> Its necesary to configure the browsers to use the proxy?, i
Have a look here if you are running IE
http://www.drbig.co.uk/sdownload/index.php?op=showfiles&catid=6
You can then set IE to autodiscovery with this installed and it will then save all the config hassle
-
Hi Edgar,
There two versions, which one shd i install? Thkx.
-
Hi Edgar,
Pls help, i can't download the file... tmp-mitel-proxy-discovery-0.1-1.noarch.rpm or tmp-mitel-proxy-discovery-0.1-1.src.rpm...
-
Can you help Daley with download Fred?
-
i got no problem with downloading the file, you got to use the noarch version, the other one is the source!
-
Hi Ed,
Downloaded but file name 'download.php', tried IE and opera... this file is only auto discover the proxy, in order words, as long as your user in /etc/passwd, then they are allow to access the net.
In view of the e-smith-squid.xxx.rpm, it created the difference 'squidpasswd' passwd file for authentication check, which means that only selected user is allow. can i split the squid passwd check instead of using the /etc/passwd?
Regards,
Daley