Captive portal , specific group Active directory auth

Home Page Forums Network Management ZeroShell Captive portal , specific group Active directory auth

This topic contains 4 replies, has 0 voices, and was last updated by  maxip 10 years, 5 months ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #41138

    maxip
    Member

    Hi, I already have an active portal working with AD auth, i am wondering if is possible to authenticate users only in specific group in the AD, P ex. Wireless users group, i mean that captive portal auth works only for users in that group.

    thanks in advance, best regards!

    great product!

    #46770

    imported_fulvio
    Participant

    You can’t use group authorization if your captive portal is configured to authenticate against Kerberos 5. The workaround is to enable IAS (the RADIUS service of Microsoft Active Directory) and configure the captive portal to use RADIUS. In this case, you can set IAS authentication only to the users belonging to a specified group.

    Regards
    Fulvio

    #46771

    maxip
    Member

    I will try this,
    In the radius auth, the password are send in clear text to the ias?

    best regards.

    #46772

    imported_fulvio
    Participant

    Configuring the RADIUS authentication domain you can select the authentication request type among one of the following:

    – PAP (the password is not encrypted)

    – PEAP with MS-ChapV2 (an encrypted TLS tunnel is used before to user Ms-Chapv2)

    -EAP-TTLS with PAP (an encrypted TLS tunnel is used before to user PAP)

    Regards
    Fulvio

    #46773

    maxip
    Member

    Hi,

    I successfully configure IAS (radius) and zeroshell to use this with PAP auth, but i can’t configure IAS to use EAP msCHAPv2 ( EAP TTLS not suported by IAS)

    can you help me with some tips to achive this.

    thanks

    best regards.

    #46774

    imported_fulvio
    Participant

    You should read the Microsoft documentation about IAS.

    Regards
    Fulvio

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.