Does it support captive portal functionality on *two* different interfaces? We are a boarding school with separate networks for classrooms and dorm areas (one WAN IF and two LAN IFs).
The current release’s captive portal only supports 1 interface. You could use the captive portal on more than one interface only by bridging them or using another router that has the captive portal as default gateway.
Users connecting to the dorm area network should have the ‘normal’ captive portal login web page. However all students connecting from the classrooms are already logged on to the w2003 domain controllers. Does ZS support some kind of ‘silent login’ for authenticated domain users (assuming of course that ZS is already connected to these domain controllers AD).
No it’s not possible. You could create X.509 personal certificate for the students and use them to authenticate the captive portal without username and password.
What about logging? Does ZS support reporting with username and total downloads sorted by port number..?
The captive portal log records username, IP and MAC address. The connection tracking log, if enabled, stores source IP, source port, destination IP and destination port. If you enable the web proxy with antivirus zeroshell also logs the url of the visited sites.
And finally, doest it provide efficient ways to discourage creative torrent users? Currently we have problems keepng a few clever users from using most of our bandwidth…
Zeroshell uses Layer 7 filters and IPP2P to identificate P2P and other type of traffic that is not easy to track by using tcp/udp port numbers.
I have not experience with bit torrent shaping.