Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Answers 2 answers
  • Subscribers 28 subscribers
  • Views 13644 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Per user authentication on Terminal Server

EddyMinet

Hi,

 

I wonder if it is possible to authenticate different users (for firewalling / web filtering purpose) that are in multiple windows remote session on a single machine (single ip).

The AD transparent system seems to have a "per IP" behaviour.

I made a try with the authentication agent but noticed that those user that have not the agent installed in their sessions are seen in the UTM as the username that use the agent in the other session (should be anonymous).

Any clue about how to handle it ??



This thread was automatically locked due to age.
Parents
  • 0 in reply to sachingurung

    Hi Sachingurung,

    I've followed all the steps to install and configure SATC.

    At the moment I type this command in the console : "system auth thin-client add citrix-ip <server-ip>"
    Here is the strange behavior I get :

      - user appear in "Live users" with type "Thin client" (good)
      - the user aware firewall rule does not match
      - the userless firewall rule does match instead AND the webfilter policy applyed to it stop working for requests incoming from the RDS server ip ! so the user simply stop being filtered.
      - in logs : firewall logs that userless rule match (with no username) and webfilter logs nothing coming from the rds ip (no allow nor deny)

    I get this behavior even if I uninstall SATC on the server.

    So, when I disable the command ("system auth thin-client delete citrix-ip <server-ip>") the filtering system is working again.

Reply
  • 0 in reply to sachingurung

    Hi Sachingurung,

    I've followed all the steps to install and configure SATC.

    At the moment I type this command in the console : "system auth thin-client add citrix-ip <server-ip>"
    Here is the strange behavior I get :

      - user appear in "Live users" with type "Thin client" (good)
      - the user aware firewall rule does not match
      - the userless firewall rule does match instead AND the webfilter policy applyed to it stop working for requests incoming from the RDS server ip ! so the user simply stop being filtered.
      - in logs : firewall logs that userless rule match (with no username) and webfilter logs nothing coming from the rds ip (no allow nor deny)

    I get this behavior even if I uninstall SATC on the server.

    So, when I disable the command ("system auth thin-client delete citrix-ip <server-ip>") the filtering system is working again.

Children