From owner-freebsd-questions@FreeBSD.ORG Mon Jan 24 13:30:34 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4E9C116A4CE for ; Mon, 24 Jan 2005 13:30:34 +0000 (GMT) Received: from mail9.messagelabs.com (mail9.messagelabs.com [194.205.110.133]) by mx1.FreeBSD.org (Postfix) with SMTP id D93C243D39 for ; Mon, 24 Jan 2005 13:30:32 +0000 (GMT) (envelope-from Michael.Walker2@capita.co.uk) X-VirusChecked: Checked X-Env-Sender: Michael.Walker2@capita.co.uk X-Msg-Ref: server-26.tower-9.messagelabs.com!1106573424!16500135!1 X-StarScan-Version: 5.4.5; banners=-,-,- X-Originating-IP: [194.129.126.228] Received: (qmail 16718 invoked from network); 24 Jan 2005 13:30:27 -0000 Received: from mailhost.capita.co.uk (HELO capitawemmime01.capita.co.uk) (194.129.126.228) by server-26.tower-9.messagelabs.com with SMTP; 24 Jan 2005 13:30:27 -0000 Received: from ems-imcl1.central.ad.capita.co.uk (unverified) by capitawemmime01.capita.co.uk ; Mon, 24 Jan 2005 13:30:20 +0000 Received: by EMS-IMCL1.central.ad.capita.co.uk with Internet Mail Service (5.5.2657.72) id ; Mon, 24 Jan 2005 13:30:21 -0000 Message-ID: From: "Walker, Michael" To: Gareth Bailey , freebsd-questions Date: Mon, 24 Jan 2005 13:30:15 -0000 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain; charset="ISO-8859-1" X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: RE: Internet sharing authentication X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jan 2005 13:30:34 -0000 > Greetings, > > I have set up a FreeBSD gateway/firewall with ipf and ipnat in the > past, but I am now confronted with a new challenge. I need to setup > the firewall to only allow internet (www) access to users who > successfully authenticate themselves with a username/password > combination. > > Ideally, a user will open their web browser and be confronted with a > authentication popup before gaining access to browse the web. Users > should be able to access mail without authentication. > > Please advise on what I might use to do this. > > Thanks, > Gareth You could setup some kind of proxy server on the gateway machine, and configure all the clients to use that as their primary proxy. HTH Mick ********************************************************************************** This email and any files transmitted with it are confidential, and may be subject to legal privilege, and are intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error or think you may have done so, you may not peruse, use, disseminate, distribute or copy this message. Please notify the sender immediately and delete the original e-mail from your system. Computer viruses can be transmitted by e-mail. Recipients should check this e-mail for the presence of viruses. The Capita Group and its subsidiaries accept no liability for any damage caused by any virus transmitted by this e-mail. ***********************************************************************************