> What I want is to be able to auth to a radius server when a request
> comes to the f/w from the WAN interface on port 80, if the
> auth succeeds
> then they get allowed through the rule base to a web server running on
> the LAN interface ....
This sounds similar to Netscreen's WebAuth feature.
With a Netscreen, you can use a HTTPS login to open particular rules for
the user that logged in. The rules are dynamic and are only open to the
originating IP of the login (NAT on the source end can be an issue.)
I think it would be a nice feature also, but I don't think it really
belongs in m0n0wall. pfSense would be a better candidate for this