Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 3 subscribers
  • Views 8415 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Profile with Basic Auth is denied

joequick
I just setup a PC for general/access the is basically a kiosk of sort.

I created a local user on the Astaro: Webinar
Password is xyz

I created a profile ConfRoom1, added the ip to the networks, gave it our normal filter assignments for testing, selected Basic User Auth and removed SSL scanning.

When I try to connect to google.com i get the popup box to enter my username and password. When I enter the info and click ok the boc reappears.

The auth log shows this: 
2009:03:13-17:04:22 qcspcxx1 aua[32276]: id="3006" severity="info" sys="System" sub="auth" name="checking if Webinar is enabled"

2009:03:13-17:04:22 qcspcxx1 aua[32276]: id="3006" severity="info" sys="System" sub="auth" name="user is enabled. Calling do_auth()"

2009:03:13-17:04:22 qcspcxx1 aua[32276]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="192.168.10.150" user="Webinar" caller="http" reason="DENIED" 


This is the first time I am using Local Auth. Am I missing something?

I got it to work using Remote AD Auth, but this computer is a standalone and not part of the domain.

Thanks.


This thread was automatically locked due to age.
Parents
  • 0
    If you cancel the auth after the first time, and try to surf again, does it work?

    Barry
  • 0 in reply to BarryG
    Remember that "Auth" and "Transparent Mode" are mutually exclusive.  Do you have the browser proxy settings in the stand-alone unit?
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Good Morning

    Would you like some help? Do we need more information about Profiles-Basic Protection on how to do the site programming in good practice format so that we do not make exceptions in Profiles-Basic to run the site?
    I would like documentation specifying how we should program the site so we do not get exceptions ..

    I would like a documentation of good practices .... Regarding the security modules Webserver Protection Firewall


    Thank you for your help

  • 0 in reply to Fabiano Feijo

    Olá Fabiano and welcome to the UTM Community!

    There's not really a best-practices document for Web Application Firewall.  The "trick" is to start in "Monitor" mode so that you can identify false positives  Then, as you see the protections you don't want to disable, you can determine what you programming might want to change on your site.

    Cheers - Bob
    PS Note that this thread is in the Web Filtering forum.  You will want to post your question in the Web Server Security forum.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    This is news, not something I remember because I have never seen it asserted anywhere else, and the user interface does not indicate any such restriction.

    The only restriction that I have seen is that SSO Authentication is incompatible with Transparent Web Proxy when traffic is flowing through a Bridged interface.   None of those apply in this case.

    I suspect the problem is that the Filter Profile is configured correctly, but it is not linked to an active Policy to which the kiosk user has been assigned.    My Wiki post may help him.

    https://community.sophos.com/products/unified-threat-management/w/utm-wiki/37/securing-and-configuring-web-filtering

  • 0 in reply to DouglasFoster

    The denied result in the user authorization log has me confused and bugged.  It says to me that the login failed - either a wrong password or something along those lines.   I assume you know the oasdword.  I have not done much with local accounts, so  I do not remember if they can be disabled, time restricted, or feature restricted on the account object.

    If web proxy was the problem, you would see blocked in the web log, rather than this result.

  • 0 in reply to DouglasFoster

    Doug, note that this thread is nine years old and that the version at that time was early 7.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply Children
No Data
Unfiltered HTML