In this guide “HOW TO SETUP HTTP/HTTPS WEB PROXY FILTER ON OPNSENSE”, we will go a step further by trying to use the squid proxy feature that comes with most open source firewall solutions to block and prevent unwanted traffic from flowing into our network or from being accessed by our users.Read More
Just a quick reminder that this guide, “Login To Pfsense Using Active Directory Accounts”, does not show us how to authenticate against a squid proxy server using active directory accounts. Rather, it explains how to log into the web configurator graphical user interface for pfsense router using active directory accounts.
Like always, this is going to be a practical hands off guide.
Recently, we had a need in a small company that employs pfsense router and Microsoft active directory, to allow some users who are part of an active directory group access to log into the pfsense server. To make this work, we had to configure our Microsoft active directory server with the names of these users and then configure pfsense to allow them login to the web Gui.
So far, we have used the pfsense router cum firewall and the packages that it provides to serve as a firewall and proxy for our corporate environment. We tasted the powers of SquidGuard, were we where able to filter contents, only allowing access to certain sites using the common ACL rule, while blocking access to every other thing.
In this guide, “PFSense Squid Active Directory Authentication”, we will go a step further to grant access to the internet and allowed sites only to those who need access while completely denying access to all those who do not need it using microsoft active directory authentication.
To get up to date with what we are doing here, please familiarize yourself with these guide:
WPAD stands for web proxy auto discovery protocol. It is a protocol that helps clients to locate the URL of a configuration file using DHCP and/or DNS discovery methods. In our guides so far, we have installed pfsense firewall and made some basic configurations.
We also went as far as installing squid and squidguard, to help us cache, monitor bandwidth usage and allow or block access to certain sites.
What a heck! Squid? Yes, you heard right. But I am not referring to the squid that is similar to an octopus, with a distint head and eight to ten arms. Neither am i referring to spongebob in nickelodeon.
I am however, talking about a Linux base proxy server that can act as an intermediary, simply passing the client’s request on to the server and saving a copy of the requested object. If the same client or multiple clients request the same object before it expires from Squid’s cache, Squid can then immediately serve it, accelerating the download and saving bandwidth. You can read more about squid from thisRead More
Cacti is an open-source, network monitoring and graphing tool, that uses the industry-standard data logging tool, RRDtool. Cacti polls services at predetermined intervals and graphs the resulting data. It can graph time-series data of metrics such as CPU load and network bandwidth utilization. It can monitor network traffic by polling a network switch or router interface via Simple Network Management Protocol (SNMP).
The front end can handle multiple users, each with their own graph so it is sometimes used by web hosting providers to display bandwidth statistics for their clients.