[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  Michael Monaghan <mmonaghan at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] External Authentication
 Date:  Sat, 11 Sep 2004 17:51:16 -0400
On Sat, 11 Sep 2004 17:39:30 -0400, Michael Monaghan
<mmonaghan at gmail dot com> wrote:
> Radius authentication and the Captive Portal together seem as if they
> might be able to answer this and keep us with one set of credentials.
> I'm thinking that we might put the m0n0wall behind our existing
> firewall and open 443 to use SSL and Captive Portal.  I'm guessing
> I'll need to use two IPs but I haven't tested anything yet.  I know
> this is less than ideal, but under the ugly circumstances its the best
> thing going.

In the case of using RADIUS auth, this would be a nice feature to
have, and wouldn't be quite as bad to support.  I didn't realize you
were talking about internal employees, I was thinking customers for
some reason.  Since you could use this to authenticate them with the
username/password they use for everything else, that would work out
well.  Of course captive portal doesn't support HTTPS yet, so for now
they'd be passing their credentials over the net in clear text.

If you manage to get it working, please send me some details and I'll
document it in the Users Guide.