CiscoAP->Freeradius->AD->ISA(ntlm authentication)
Konne
bridge_stone at gmx.net
Tue Jan 3 09:14:24 CET 2006
hi @ all,
is it possible to do following:
my wireless-clients will authenticate through a ciscoAP. the client will
be routed automatically to the chillispot login page. on the same server
is freeradius installed. Freeradius looks in the ActiveDirectory if the
user exists and has the rights to connect to the internet. if the
authentication is ok, the user must surf over a ISA because there is
installed websense. we have a windows domain and so we use a secure ntlm
authentication. is it possible to have a transparent authentication
through the isa-server. i mean if the client is in the condition that he
can send the ntlm authentication, that he doestn't have to authenticate
twice times. one time on the chillispot and the second on the isa
server. is there any possibilty?
my network, all cisco network devices (aironet 1424, catalyst 3750)
(( ))
wireless-clients (( )) AP - - - - - [routed network/VLANS]- - -
- - freeradius/chillispot
(( )) |
|
|
|
|
ActiveDirectory/LDAP
|
ISA/Websense
[ntlm authentation required]
|
|
Firewall
|
Router
|
Internet
thx
More information about the Freeradius-Users
mailing list