On Tue, Apr 21, 2009 at 3:46 PM, Dimitri Rodis <[email protected]> wrote: > Microsoft Internet Security and Acceleration Server (ISA Server), and you > need to have AD. > > I've used it, but only in this particular case. I do not know of anything in > the open source world that works reliably specifically the way you want it > to. (That is not to say that nothing exists, I just may not know about it). > With respect to ISA, there is a client installation (aka Firewall Client) > that is required to make the authentication transparent--without it, it > would work just like pfSense would-- with RADIUS against AD, and the user > would have to enter credentials manually. >
Not exactly, so long as you're using IE it'll pass through credentials automatically. The firewall client is so you don't have to configure all your applications to use a proxy, it automatically picks up any traffic not destined to your internal networks (as defined in ISA) and pushes it through the proxy. Works well in the environments I use it. ISA is a good proxy. I personally don't like it as a perimeter firewall, and it can be buggy (2006 is much better than 2004 and 2000, though still quirky at times), but its proxy functionality in a Windows environment is great. The reverse proxy is also nice if you use OWA and/or OMA with Exchange. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
