This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

User Access cntrl for internet

hello,

is there anyway to give internet access to users, who authenticate via browser portal.

i see only below access

  • Manage your Email quarantine & view your mail activity log
  • Maintain a personal antispam white & black list
  • Download the authentication client
  • Download remote access VPN software packages
  • Change your password (if your account is managed on this system)


This thread was automatically locked due to age.
Parents
  • Ahlan Feroz,

    Dirk's idea of defining a Hotspot on the External interface is very creative!  You also might consider an HTML5 VPN definition.  If you have more than a few active users on HTML5 VPNs, your UTM will get very slow.  Let us know what you wind up doing.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Ahlan Feroz,

    Dirk's idea of defining a Hotspot on the External interface is very creative!  You also might consider an HTML5 VPN definition.  If you have more than a few active users on HTML5 VPNs, your UTM will get very slow.  Let us know what you wind up doing.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • Thanks for your reply, do you have any link to follow, never tried this option, also once the Hotspot is configured, i can give them access by local authentication instead of giving their ip on UTM right ?

  • the hotspot portal must be bound to an inbound interface.

    if the way over the UTM is for restricted access only, you may bind the Portal to the internal client-LAN-interface.

    But all traffic going through this interface would be restricted (not only internet but other connected networks too ... like DMZ/printer/...)

    ... and because the Client-MAC is registered as identity .... the Clients must be connected within same subnet (without routing between UTM & Client)

    Possible another option ... a authenticated webfilter-policy ... works for browser-traffic only...


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • any docs related to

    "authenticated webfilter-policy"

  • at this point you can click the question mark (at the top) and get pretty good help.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

  • so by changing the authentication method to browser means, this will affect the other allowed Network Interface also right ?

    example in my config Internal interface is there and i added new interface means the authentication will applies to both interface ?

  • yes, if this is a problem ... try/use webfilter profiles.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.