Monday, August 8, 2022
ALTERNATIVE WAY
  • Home
  • Latest
  • News
  • World Tech
  • World Gaming
  • Guides
  • About The Team
  • Privacy Policy
  • Terms of Use
  • Contact Us
No Result
View All Result
  • Home
  • Latest
  • News
  • World Tech
  • World Gaming
  • Guides
  • About The Team
  • Privacy Policy
  • Terms of Use
  • Contact Us
No Result
View All Result
ALTERNATIVE WAY
No Result
View All Result

How to configure Captive Portal to authenticate users when accessing the internet with users synchronized from AD –

Gordon James by Gordon James
October 3, 2021
in World Tech Code
0 0
0
Home World Tech Code

Active Directory can be a pain to configure and manage. However, there are some simple ways to configure your AD to make it more usable for your IT staff. This blog post shows how to configure the LDAP server to authenticate users when they access your network from a public network – such as the Internet.

This article describes how to configure Captive Portal to authenticate users when accessing the internet with users synchronized from AD.

It has been a while since I last blogged about remote access authentication using the Microsoft ADFS 2.0. Since then I’ve been using the service to provide remote access to my users on both my local network and my on-premises Active Directory. The service has been very useful, as it allows me to provision access to my local servers, such as the office intranet.

1.What is the article’s purpose?

In this article, techbast will show you how to set up Captive Portal, which is a feature that allows you to authenticate users in your internal network when they access the internet using an account that is synchronized with AD in the system.

2.Diagram

word-image-11348

Details:

The internet connection will be made through the Sophos Firewall device’s Port 2 with the IP address 192.168.2.103.

The LAN subnet is set with DHCP and is configured at Port 1 of the device with IP 10.145.41.1/24.

There is also an AD Server with the IP 10.145.41.10/24 in the LAN subnet; on this server, an IT OU has been created; inside the IT OU, there is a Support group; within the Support group, there are users named user1, user2, and user3.

Laptop 1 is connected to the LAN and is assigned IP 10,145.41.50/24 via DHCP.

3.Scenario

will configure the Sophos Firewall’s Captive Portal so that when devices in the LAN area access and utilize the internet, they must authenticate with the AD Server’s synchronized account.

4.How should I proceed?

  • AD Sync
  • Import user and group information
  • Make a policy
  • Result

5.Configuring

Sync 5.1.AD

The first step is to sync Active Directory with Sophos Firewall.

To synchronize we go to CONFIGURE > Authentication > Server > click Add.

Configure the parameters as follows:

  • Select Active Directory as the server type.
  • LearningIT is the name of the server.
  • 10.145.41.11 is the server’s IP address and domain name.
  • Select the level of security for your connection. Plaintext
  • 389 (port)
  • LEARNINGIT is a NetBIOS domain.
  • Administrator is the ADS user name.
  • Password*: type the administrator account’s password.
  • Leave the display name attribute empty.
  • Attribute for email addresses: mail
  • *Learnit.xyz is a domain name.
  • Click Add, then enter dc=learningit,dc=xyz, then click OK.
  • To test the connection to the AD server, click Test connection.
  • Save the file.

word-image-11349

5.2.Import the Organization Unit and Group

We must import OU and Group from AD after successful AD sync.

To perform the import, click the icon as indicated in the image.

word-image-11350

When the Help window for the Import group wizard displays, click Start.

word-image-11351

Select dc=learningit,dc=xyz from the drop-down selection in Step 1: Provide a base DN for the group.

word-image-11352

Step 2: Select AD groups to import will display the current OUs and groups in AD; in this case, techbast will select the Support group in the IT OU as shown.

Nhấn nút “>” để tiếp tục.

word-image-11353

Press the “>” button to continue.

word-image-11354

Press the “>” button and OK to continue.

word-image-11356

To close the window, click Close.

word-image-11357

After importing, we can go to CONFIGURE > Authentication > Group to check if the group has been imported.

The Support group was then imported as a result.

word-image-11358

Next for the firewall device to authenticate users from AD we need to go to CONFIGURE > Authentication > Service.

We can see that we only do authentication for local accounts on the firewall in the Firewall authentication methods section.

LearningIT is checked. This is the server we just synced, and on the right side, we drag LearningIT above Local while holding down the mouse.

To save, click Apply.

word-image-11359

5.3.Develop a policy

The Captive Portal feature in the policy that permits the LAN to access the internet is the next step.

If we don’t already have a policy, we can create one by following the steps in the image below; if we already have one, we just need to configure the red portion as shown.

For unknown users, we choose Match Know User and Use Web Authentication.

Select the Support group we just imported in the Users or Groups section.

word-image-11360

5.4.Result

To check the findings, Techbast will start a browser and go to google.com on Laptop 1.

The authentication screen will next display, prompting us to enter our account and password.

will sign in with the user1 account, which is the synchronized account from AD.

word-image-11361

The message “Successful Login” appears.

word-image-11362

We can now use the internet.

It’s important to remember that we can’t turn off this authentication tab or we’ll have to re-authenticate.

Open a new tab and try to access Google again; you should now be able to browse the internet.

word-image-11363

YOU MIGHT ALSO BE INTERESTED IN

Captive Portal is a simple solution to allow access to a network to those who do not have access to the internet. The term “captive portal” refers to the fact that you are limiting the amount of time someone will be able to access the internet while they are connected to your network. By configuring the Captive Portal, you can configure a way of authenticating users. You can authenticate the user by looking for the unique SSID of the network they are connected to and then authenticating them if they are not logged on to your network.. Read more about which 2 of the following are methods of xg firewall authentication? and let us know what you think.

Related Tags

This article broadly covered the following related topics:

  • firepower captive portal
  • firepower active directory integration
  • cisco firepower user agent for active directory
  • fortigate captive portal not working
  • cisco firepower user agent for active directory download
Total
0
Shares
Share 0
Tweet 0
Pin it 0
Share 0
ShareTweetShare
Gordon James

Gordon James

Next Post

Fix: There was an error while preparing to share

  • Trending
  • Comments
  • Latest
How To Get Free Internet On Android Without Service

How To Get Free Internet On Android Without Service

March 10, 2022

🥇 +4 Neo Geo Emulators for Android  List ▷ 2021

October 3, 2021

Fix: Notifications not working on Nova Launcher

October 3, 2021

How to Fix OpenVPN Connected but Not Changing IP Address

October 3, 2021

Setting Up Directory Sync Between On-Premises Active Directory with Microsoft 365 Azure AD

0

🥇 DELETE ACCOUNT from PS4  ▷ Step by Step Guide ▷ 2020

0

🥇 PPTX File Extension  What is .Pptx and how to open them? ▷ 2020

0

🥇 Make a Crossword in Microsoft Word  Step by Step Guide ▷ 2020

0
Social Media App

Social Media App

August 4, 2022

7 Best Online Games to Brain Train Yourself

August 2, 2022

The Main purpose of Travis Scott Shoes

August 1, 2022

How to Use Throwables in PUBGM + More

August 8, 2022

There's always an alternative Way!
No Result
View All Result
  • Home
  • Latest
  • News
  • World Tech
  • World Gaming
  • Guides
  • About The Team
  • Privacy Policy
  • Terms of Use
  • Contact Us

© 2022 - Alternative Way

No Result
View All Result
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
    • Home – Layout 4
    • Home – Layout 5
  • Travel News

© 2022 JNews - Premium WordPress news & magazine theme by Jegtheme.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT