Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
NEW features
« previous
next »
Print
Pages: [
1
]
Author
Topic: NEW features (Read 4177 times)
alexandrob
Newbie
Posts: 1
Karma: 0
NEW features
«
on:
February 21, 2017, 10:25:09 pm »
Hello people,
If this is not a correct location, please let me know where I can ask.
I wonder if OPNSense exclarece twice:
Is OPNSense in any version going to search for user group on LDAP / AD basis?
How firewall rules in any version will filter by user group on LDAP / AD base?
These two issues prevent me from implementing OPNSense on multiple clients due to a need for user group authentication.
Thank you.
Logged
JeGr
Hero Member
Posts: 1945
Karma: 227
old man standing
Re: NEW features
«
Reply #1 on:
February 21, 2017, 11:39:25 pm »
> How firewall rules in any version will filter by user group on LDAP / AD base?
What is meant by that one? Doesn't make much sense to me the way it reads. How should a _filter rule_ (on an IP package) determine a LDAP/AD user group? That info is nowhere to be found in an IP package of any sort!?
Logged
"It doesn't work!" is no valid error description!
- Don't forget to [applaud] those offering time & brainpower to help you!
Better have some *sense as no(n)sense!
If you're interested in german-speaking business support, feel free to reach out via PM.
franco
Administrator
Hero Member
Posts: 17668
Karma: 1611
Re: NEW features
«
Reply #2 on:
February 22, 2017, 07:44:08 am »
Hi there,
Groups for LDAP / AD are being discussed, but there's nobody committing to do the work just yet.
I think the second one means NGFW user-based firewall policies which is quite hard to pull in an open source integration sense. Commercial products use IP info scraped from LDAP services and/or client-side services to register a user's IP there. We don't have this, but you can enforce such things with DHCP static mappings, aliases and firewall rules, sometimes also the captive portal or the experimental SSO for the web proxy.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
NEW features