Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 20 replies
  • Subscribers 1 subscriber
  • Views 6498 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[7.505] AD-SSO and HTTP/s Profile setup help

Benderle
Hi all,
I need to create an HTTP/s Profile for two users on my network to access sites that are normally blocked via the HTTP/s Global settings and the URL Filtering i have in place.

 I would like to accomplish this using AD-SSO which i have configured sucessfully on my ASG 220[7.505],  is this possible?   I created a "Backend membership Group using my Special use AD Group for my two users, but the profile did not allow them to see the sites that i have specified I want to allow.  

help!![:S]


This thread was automatically locked due to age.
Parents
  • 0
    What's in the User Authentication log at the time you got a correct answer from the test?  And at the time you got an incorrect answer without the group membership?

    Cheers - Bob
    PS If we don't get this on one of the next two steps, it'll be time to submit a ticket via MyAstaro...
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    on a sucessful test i get the following Window:



    and this is in the auth live log:

    2010:04:02-11:03:22 YWCAAstaro aua[6408]: id="3006" severity="info" sys="System" sub="auth" name="Spawned child for authentication test" 
    2010:04:02-11:03:22 YWCAAstaro aua[6408]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test request: m:adirectory, f:none, u:test, ip:" 
    2010:04:02-11:03:22 YWCAAstaro aua[6408]: id="3006" severity="info" sys="System" sub="auth" name="Testing method adirectory" 
    2010:04:02-11:03:22 YWCAAstaro aua[6408]: id="3006" severity="info" sys="System" sub="auth" name="Trying 192.168.1.6 (adirectory)" 
    2010:04:02-11:03:23 YWCAAstaro aua[6408]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test successfull" 





    When removing the "CN=" from the Group name in the backend membership setup.... and running the test I get this:


    and then this in the live auth log:
    2010:04:02-11:12:27 YWCAAstaro aua[6660]: id="3006" severity="info" sys="System" sub="auth" name="Spawned child for authentication test" 
    2010:04:02-11:12:27 YWCAAstaro aua[6660]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test request: m:adirectory, f:none, u:test, ip:" 
    2010:04:02-11:12:27 YWCAAstaro aua[6660]: id="3006" severity="info" sys="System" sub="auth" name="Testing method adirectory" 
    2010:04:02-11:12:27 YWCAAstaro aua[6660]: id="3006" severity="info" sys="System" sub="auth" name="Trying 192.168.1.6 (adirectory)" 
    2010:04:02-11:12:27 YWCAAstaro aua[6660]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test successfull" 
Reply
  • 0 in reply to BAlfson
    on a sucessful test i get the following Window:



    and this is in the auth live log:

    2010:04:02-11:03:22 YWCAAstaro aua[6408]: id="3006" severity="info" sys="System" sub="auth" name="Spawned child for authentication test" 
    2010:04:02-11:03:22 YWCAAstaro aua[6408]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test request: m:adirectory, f:none, u:test, ip:" 
    2010:04:02-11:03:22 YWCAAstaro aua[6408]: id="3006" severity="info" sys="System" sub="auth" name="Testing method adirectory" 
    2010:04:02-11:03:22 YWCAAstaro aua[6408]: id="3006" severity="info" sys="System" sub="auth" name="Trying 192.168.1.6 (adirectory)" 
    2010:04:02-11:03:23 YWCAAstaro aua[6408]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test successfull" 





    When removing the "CN=" from the Group name in the backend membership setup.... and running the test I get this:


    and then this in the live auth log:
    2010:04:02-11:12:27 YWCAAstaro aua[6660]: id="3006" severity="info" sys="System" sub="auth" name="Spawned child for authentication test" 
    2010:04:02-11:12:27 YWCAAstaro aua[6660]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test request: m:adirectory, f:none, u:test, ip:" 
    2010:04:02-11:12:27 YWCAAstaro aua[6660]: id="3006" severity="info" sys="System" sub="auth" name="Testing method adirectory" 
    2010:04:02-11:12:27 YWCAAstaro aua[6660]: id="3006" severity="info" sys="System" sub="auth" name="Trying 192.168.1.6 (adirectory)" 
    2010:04:02-11:12:27 YWCAAstaro aua[6660]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test successfull" 
Children
  • 0 in reply to Benderle
    GOT IT!!!!!

     I was attempting to use the "Special Use Group" network in the profile, instead i switched it to my "LAN network" and it's working perfectly.. with the log showing the authenticated user Via AD-SSO.. and the proper filtering actions...


    Thanks for the Help Bob!