[vox-tech] alternative on linux authentication approach
Karsten M. Self
karsten at linuxmafia.com
Fri Aug 6 10:42:01 PDT 2004
on Thu, Aug 05, 2004 at 09:17:44PM +0100, Milver S. Nisay (mnisay at aim-consultants.com) wrote:
>
> +----------+ +----------+ +---------+
> + Internet +<==========>| (linux)|<===========>|Windows workstations
> +----------+ +----------+ +---------+
> anybody can provide ideas with this scenario. under linux :a. has 2 NICs
> b. has dhcp leasing 192.168.1.X c. has iptables allowing 192.168.0.X to
> browse workstations:a. windows OS b. after booting up, all
> workstations have dynamic IP of 192.168.1.x (not allowed to
> browse)scenario:some windows workstations needs to browse, using linux box
> as gateway. but i need thoseworkstations to be authenticated first from
> linux box before they can browse. when authenticated from linux box,they
> get the 192.168.0.X IP (which is allowed to browse).i would like to
> implement this without squid authentication, but with freeradius +
> proxy.can it be done? is certificates advisable here? i believe proxy would
> be helpful on this. but for the authentication part, certificates? can it
> be done by apache? anyone pls. advise.thanks in advance.milver nisay
I don't know whether or not MSOE is mangling stuff badly, but could you
*please* format your posts for redability?
Generally, this involves:
- Spaces between words.
- Linefeeds between paragraphs.
- Paragraph breakds between major themes.
If you're trying to draw ASCII art, many (most?) of us read with
monospaced fonts and 80 column screens. Keep this in mind.
Peace.
--
Karsten M. Self <karsten at linuxmafia.com> http://linuxmafia.com/~karsten
Ceterum censeo, Caldera delenda est.
More information about the vox-tech
mailing list