In message <44B3C777 dot 4040304 at ricerage dot org>, Brian <mono at ricerage dot org>
>dlavecky at it dot uts dot edu dot au wrote:
>> Hi- thought I'd turn to the board for some help... I'm hoping to
>> authenticate incoming connections on the WAN link before permitting access
>> to a web server in the DMZ. There is a radius server in the LAN segment to
>> check against but I don't know how to configure captive portal to achieve
>> all this- I'm not having much success...
>> Any guidance / assistance would be much appreciated
>This isn't something you would use the captive portal for. CP is for
>authenticating outgoing users, not incoming from the WAN interface.
>Instead you should be looking at solutions on the web server itself. If
>you're using Apache, you may want to look into something along the
>lines of mod_auth_radius and htaccess. Good luck.
You may want to try mod_auth_xradius
(http://www.outoforder.cc/projects/apache/mod_auth_xradius/) instead of
mod_auth_radius. mod_auth_radius has a number of issues and doesn't
work for everyone (well it didn't for me!). mod_auth_xradius was
commissioned as a replacement and is modelled on the way the squid
radius helper functions.
Neil A. Hillard E-Mail: m0n0 at dana dot org dot uk