Wei Ming Long said: > Hi everyone, > I have been tasked with a project to grant web access to some laptop > clients. > I have some wireless clients & some of them have permission to surf the > internet & others don't. All web requests on port 80 are redirected by > iptables to the Squid proxy server, can I use Freeradius to authenticate > the > users before sending the requests out into the internet. And if the users > are > not allowed to surf the internet, a web page will be sent to them telling > them > they are denied access. Can this be done? has anybody done this & care to > share their experience & knowledge with me? Please help me. Thanks. > > Best regards > Matthew
Squid when running in transparent mode (as you currently have) can't do authentication, not to my humble knowledge anyway. So you would have to configure each client with the appropriate proxy settings and disable interception/transparent proxying. You can use PAM to get squid to authenticate via a radius server, or use the Squid RADIUS Authenticator module from http://selm.www.cistron.nl/authtools/ . As for the deny page - squid will throw one up by default, you can customise it if you like. -- Regards, Ben Johns http://www.naturalnetworks.net http://www.marinanet.com.au http://www.accessplus.com.au - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
