Re: [squid-users] Re: Re: Problems setting up Kerberos authentication

2011-09-23 Thread Nikolaos Milas
On 23/9/2011 12:41 AM, Markus Moeller wrote: A bit. Your Kerberos setup seems not to work as the client tries to use NTLM instead Thanks Markus, I used Wireshark. I opened IE and requested site www.example.com: HTTP GET http://www.example.com/ HTTP/1.1 and saw that the browser,

Re: [squid-users] Re: Re: Re: Problems setting up Kerberos authentication

2011-09-23 Thread Nikolaos Milas
On 23/9/2011 10:25 AM, Markus Moeller wrote: This is an incomplete Active Directory setup (or Kerberos if you don't use AD). Thanks Markus, As you may have seen from earlier posts, I am using MIT Kerberos on CentOS. I don't have Active Directory but I am using OpenLDAP which serves as

Re: [squid-users] Re: Re: Re: Re: Problems setting up Kerberos authentication

2011-09-23 Thread Nikolaos Milas
On 23/9/2011 2:23 PM, Markus Moeller wrote: This now goes more into how to setup Windows clients (Do I understand right that you use IE on XP or Windows 7) with MIT Kerberos. Yes, I am using IE 8 and/or Firefox 6 on Windows XP with MIT Kerberos. There are several guides for this like

Re: [squid-users] Secure user authentication on a web proxy

2011-09-23 Thread Nikolaos Milas
On 20/9/2011 4:53 PM, Luis Daniel Lucio Quiroz wrote: c) you may relay secure auth with radius+https, after auth successful with a browser that client ip shall surf Hi Luis, Please give me some details on the radius scenario: How should this relaying of radius authentication be set up?

Re: [squid-users] Re: Problems setting up Kerberos authentication

2011-09-22 Thread Nikolaos Milas
On 22/9/2011 8:47 AM, Nikolaos Milas wrote: Many thanks Markus, I also discovered, after each authentication attempt from the browser, in squid cache.log the following errors: A question that might shed some light: Do I have to create a kerberos host and service for every final client

Re: [squid-users] Secure user authentication on a web proxy

2011-09-21 Thread Nikolaos Milas
On 21/9/2011 10:57 AM, Jenny Lee wrote: One option might be to turn on the TCP NODELAY option on both ends. On the server, include the following options: socket = l:TCP_NODELAY=1 and on the client include: socket = r:TCP_NODELAY=1 Thanks Jenny, I had tried already and it didn't provide any

[squid-users] Problems setting up Kerberos authentication

2011-09-21 Thread Nikolaos Milas
Hello, I am setting up Kerberos auth on squid (3.1.15), but it won't work. Browser (IE 8) keeps on popping up the username/password window, but authentication is never successful. Yet, I don't see any logging of failed authentication attempts in kerberos logs at all! It's as if squid is not

Re: [squid-users] Re: Problems setting up Kerberos authentication

2011-09-21 Thread Nikolaos Milas
On 22/9/2011 2:35 AM, Markus Moeller wrote: Did you follow the wiki http://wiki.squid-cache.org/ConfigExamples/Authenticate/Kerberos ? Did you use the -d option with squid_kerb_auth ? Many thanks Markus, I also discovered, after each authentication attempt from the browser, in squid

[squid-users] Secure user authentication on a web proxy

2011-09-20 Thread Nikolaos Milas
Hello, I am setting up Squid to enable users to use it as a web proxy server. My problem is how to enable encrypted user authentication. On the back-end we are using an LDAP Server (openldap) for user account management and authentication. Squid works fine with LDAP, but browser-level

Re: [squid-users] Secure user authentication on a web proxy

2011-09-20 Thread Nikolaos Milas
On 20/9/2011 9:56 AM, Nikolaos Milas wrote: Hello, I am setting up Squid to enable users to use it as a web proxy server. My problem is how to enable encrypted user authentication. Please also note that I also tried using Squid + Stunnel to achieve secure user authentication, according

Re: [squid-users] Secure user authentication on a web proxy

2011-09-20 Thread Nikolaos Milas
On 20/9/2011 8:58 PM, Jenny Lee wrote: I don't know if stunnel uses TCP or not. Thanks for your thoughts Jenny. Stunnel works with SSL, which runs only on TCP. (Ref.: http://www.stunnel.org/?page=faq.) But OpenVPN has an option to use TCP. You will find that VPN over UDP is 3 times

Re: [squid-users] Secure user authentication on a web proxy

2011-09-20 Thread Nikolaos Milas
On 20/9/2011 4:53 PM, Luis Daniel Lucio Quiroz wrote: ... There are 3 more ways and you shall evaluate what fits the best for you. a) you may use Kerberos auth, many browsers support it right now. b) you may use NTLM2 auth, helper is available at samba package c) you may relay secure auth with