This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Browser (Default Authentication)

Hi folks.
I have never used any form of "user authentication".
Recently upgraded to UTM 9.2 - and now wanting the users to login before using internet.
I have tried multiple combinations to get this working - my understanding from help material is a user can login via browser, with authentication from the user setup in UTM.
So the issue is: "Authentication failed"

2014:05:27-20:50:17 luci aua[21988]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="x.x.x.26" user="Craig" caller="http" reason="DENIED"
2014:05:27-20:54:04 luci aua[3299]: id="3006" severity="info" sys="System" sub="auth" name="Child 21988 is running too long. Terminating child"
2014:05:27-20:54:04 luci aua[22297]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="x.x.x.26" user="Craig" caller="http" reason="DENIED"
2014:05:27-20:55:06 luci aua[3299]: id="3006" severity="info" sys="System" sub="auth" name="Child 22297 is running too long. Terminating child"
2014:05:27-20:55:06 luci aua[22422]: id="3004" severity="info" sys="System" sub="auth" name="Authentication successful" srcip="x.x.x.26" user="Craig" caller="portal" engine="local"
2014:05:27-20:56:45 luci aua[3299]: id="3006" severity="info" sys="System" sub="auth" name="Child 22422 is running too long. Terminating child"
2014:05:27-20:56:45 luci aua[22573]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="x.x.x.45" user="Mandi " caller="http" reason="DENIED"

Although access to "User Portal" works just fine

2014:05:27-20:55:06 luci aua[22422]: id="3004" severity="info" sys="System" sub="auth" name="Authentication successful" srcip="x.x.x.26" user="Craig" caller="portal" engine="local"

Ok its probably something really simple - so if any of you can point me in the right direction for documentation and setup - much appreciated

Nothing in FireWall logs

HTTP logs

2014:05:27-20:48:20 luci httpproxy[5215]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="x.x.x.26" dstip="" user="Emma" statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="2645" request="0x1a087320" url="passthrough.fw-notify.net/login" exceptions="fileextension" error="Received invalid authentication data" authtime="0" dnstime="0" cattime="0" avscantime="0" fullreqtime="59126" device="1" auth="4"
2014:05:27-20:49:26 luci httpproxy[5215]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="x.x.x.26" dstip="" user="Craig" statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="2645" request="0x18ed2ee0" url="passthrough.fw-notify.net/login" exceptions="fileextension" error="Received invalid authentication data" authtime="0" dnstime="0" cattime="0" avscantime="0" fullreqtime="15914" device="1" auth="4"
2014:05:27-20:50:08 luci httpproxy[5215]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="x.x.x.26" dstip="" user="" statuscode="404" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="2629" request="0x196fe220" url="passthrough.fw-notify.net/favicon.ico" exceptions="fileextension" error="File not found" authtime="0" dnstime="0" cattime="0" avscantime="0" fullreqtime="337" device="1" auth="4"
2014:05:27-20:50:17 luci httpproxy[5215]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="x.x.x.26" dstip="" user="Craig" statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="2645" request="0x199b5320" url="passthrough.fw-notify.net/login" exceptions="fileextension" error="Received invalid authentication data" authtime="0" dnstime="0" cattime="0" avscantime="0" fullreqtime="10793" device="1" auth="4"
2014:05:27-20:54:04 luci httpproxy[5215]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="x.x.x.26" dstip="" user="Craig" statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="2645" request="0x19f10440" url="passthrough.fw-notify.net/login" exceptions="fileextension" error="Received invalid authentication data" authtime="0" dnstime="0" cattime="0" avscantime="0" fullreqtime="11778" device="1" auth="4"
2014:05:27-20:56:04 luci httpproxy[5215]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="x.x.x.45" dstip="" user="" statuscode="404" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="2629" request="0xe3c6880" url="passthrough.fw-notify.net/favicon.ico" exceptions="fileextension" error="File not found" authtime="0" dnstime="0" cattime="0" avscantime="0" fullreqtime="253" device="1" auth="4"
2014:05:27-20:56:45 luci httpproxy[5215]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="x.x.x.45" dstip="" user="Mandi " statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="2645" request="0xe3c7980" url="passthrough.fw-notify.net/login" exceptions="fileextension" error="Received invalid authentication data" authtime="0" dnstime="0" cattime="0" avscantime="0" fullreqtime="9177" device="1" auth="4"
2014:05:27-20:56:52 luci httpproxy[5215]: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="POST" srcip="x.x.x.45" dstip="" user="Mandi" statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="2645" request="0x19349dc0" url="passthrough.fw-notify.net/login" exceptions="fileextension" error="Received invalid authentication data" authtime="0" dnstime="0" cattime="0" avscantime="0" fullreqtime="8708" device="1" auth="4"

Craig

This thread was automatically locked due to age.

Parents

0 ManuelKarl over 11 years ago

Hello,

can you please post/show the policy-settings? Which users/groups (if any) are defined in these?

Thx,

Manuel
Cancel
Vote Up 0 Vote Down

Cancel
0 vicegod over 11 years ago in reply to ManuelKarl

Hi Manuel

Yes! It was the Policies - I had not defined the user subset for access -Makes sense. My opinion is that the UTM Online help given for the new interface does not give clear guidelines on the user information.

I have attached screenshots for other folks who may have experienced the same difficulties.

Cheers
Craig
- NoUsers.png
- View
- Hide
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 vicegod over 11 years ago in reply to ManuelKarl

Hi Manuel

Yes! It was the Policies - I had not defined the user subset for access -Makes sense. My opinion is that the UTM Online help given for the new interface does not give clear guidelines on the user information.

I have attached screenshots for other folks who may have experienced the same difficulties.

Cheers
Craig
- NoUsers.png
- View
- Hide
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data