Login To Pfsense Using Active Directory Accounts

Login
Just a quick reminder that this guide, “Login To Pfsense Using Active Directory Accounts”, does not show us how to authenticate against a squid proxy server using active directory accounts. Rather, it explains how to log into the web configurator graphical user interface for pfsense router using active directory accounts.
Like always, this is going to be a practical hands off guide.
Recently, we had a need in a small company that employs pfsense router and Microsoft active directory, to allow some users who are part of an active directory group access to log into the pfsense server. To make this work, we had to configure our Microsoft active directory server with the names of these users and then configure pfsense to allow them login to the web Gui.
Read More

Share This.

PFSense Squid Active Directory Authentication

PFSense Squid Active Directory Authentication

So far, we have used the pfsense router cum firewall and the packages that it provides to serve as a firewall and proxy for our corporate environment. We tasted the powers of SquidGuard, were we where able to filter contents, only allowing access to certain sites using the common ACL rule, while blocking access to every other thing.
In this guide, “PFSense Squid Active Directory Authentication”, we will go a step further to grant access to the internet and allowed sites only to those who need access while completely denying access to all those who do not need it using microsoft active directory authentication.
To get up to date with what we are doing here, please familiarize yourself with these guide:
1.
2.

Read More
Share This.

Setting Up WPAD Autoconfigure for PFSense Router

Setting Up WPAD Autoconfigure for PFSense Router

WPAD stands for web proxy auto discovery protocol. It is a protocol that helps clients to locate the URL of a configuration file using DHCP and/or DNS discovery methods. In our guides so far, we have installed pfsense firewall and made some basic configurations.
We also went as far as installing squid and squidguard, to help us cache, monitor bandwidth usage and allow or block access to certain sites.

Read More
Share This.

Squid Proxy Server and SquidGuard Configuration on Pfsense

Squid Proxy Server  and SquidGuard Configuration on Pfsense

What a heck! Squid? Yes, you heard right. But I am not referring to the squid that is similar to an octopus, with a distint head and eight to ten arms. Neither am i referring to spongebob in nickelodeon.

I am however, talking about a Linux base proxy server that can act as an intermediary, simply passing the client’s request on to the server and saving a copy of the requested object. If the same client or multiple clients request the same object before it expires from Squid’s cache, Squid can then immediately serve it, accelerating the download and saving bandwidth. You can read more about squid from this

Read More
Share This.

PORT FORWARDING FOR MICROSOFT RDP IN PFSENSE FIREWALL.

PORT FORWARDING FOR MICROSOFT RDP IN PFSENSE FIREWALL.

Microsoft Remote Desktop Protocol (RDP) is a  protocol developed by Microsoft, that provides users with a graphical interface to connect to another computer over a network connection.

In an internal network, it is possible to connect to another computer remotely using remote desktop protocol. However, the fun changes when you have to connect to your microsoft exchange(email) server box, or any computer running the microsoft operating system in your internal network from anywhere in the world using microsoft remote desktop protocol.

Read More
Share This.

How to block websites using pfsense firewall feature.

How to block websites using pfsense firewall feature.
For most intent and purposes, the squid proxy server/squidguard setup can be used to block specific websites from been accessed by users in our lan. You can use a blacklist as shown in the squid proxy server guide for pfsense

You can even go further to create rules to block one group of computers while giving access to another group or subnet.

Howerver, if you have configured certificates using the certificate manager in pfsense, then deployed them to your client machines and if you have configured squid to use ssl man in the middle filtering, then you should be alright as your pfsense proxy will monitor https traffic as well as http traffic and block websites according to your rule that use the https protocol e.g facebook.

Read More
Share This.