--- Reçu de RVIDOI.BUNTERMA 04 72 96 57 77 01/02/02 09.55
Do you have the possibility of setting up a DMZ?
i.e. another interface on the authentication ( a firewall?) that
restricts external users to a certain subnet.
Matt
------------------------------------------------------------------------
Date: Fri, 1 Feb 2002 09:34:54 +0100
Subject: authentication server
hello,
I need to setup an authentication server as follows:
+-----------+ __________ +----------------+
| | ( ) | |
| CLIENT +---{ INTERNET }---+ AUTHENTICATION |
| | (__________) | |
+-----------+ +--------+-------+
|
+------------------+---------------+--+
| | |
+---+--------+ +---+--------+ +---+--------+
| | | | | |
| SERVER 1 | | SERVER 2 | | SERVER 3 |
| | | | | |
+------------+ +------------+ +------------+
The clients should be able to authenticate themselves with user /
password, and then, the authentication server opens connection for
this specific client to some servers / ports.
Some notes about the clients:
* The clients are around the world, so I am not able to install
specific software, most of them are windooze users. Authentication
should be possible over http / java.
* Also, the clients can come from the same ip, especially, if some of
them work in the same company and are surfing the net over a gateway
which does nat.
Any hints in which direction I could go? I looked at squid / openldap
but I am not sure, if squid is possible to do something like this.
I would appreciate your comments
Jan
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
---- 01/02/02 09.55 ---- Envoyé à ---------------------------------
-> security-discuss(a)linuxsecurity.com
------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
