Firewall User Authentication
WinRoute allows administrators to monitor connections (packet, connection, Web pages or FTP objects and command filtering) related to each user. The username in each filtering rule represents the IP address of the host(s) from which the user is connected.
In addition to authentication based access limitations, user login can be used to effectively monitor activity using logs (see chapter Logs), and status (see chapter Connection Overview) and hosts and users (see chapter Hosts and Users). If there is no user connected from a certain host, only the IP address of the host will be displayed in the logs and statistics.
Users can connect:
-
manually in the browser user will open page
http://server:4080/fw/login
(the name of the server and the port number are examples only see chapter Web Interface and User Authentication)
-
redirection by accessing any Web site (unless access to this page is explicitly allowed to unauthenticated users see chapter URL Rules)
-
using NTLM if Microsoft Internet Explorer or Mozilla is used and the user is authenticated in a Windows NT domain or Active Directory, the user can be authenticated automatically (the login page will not be displayed).
Note: For security reasons, the Mozilla Web browser does not allow for automatic sending of login data to the server. A dialog window where confirmation of sent login data is required will be opened instead.
For details see the User Authentication Options section.
Login by re-direction is performed in the following way: user enters URL pages that he/she intends to open in the browser. WinRoute detects whether the user has already authenticated. If not, WinRoute will re-direct the user to the login page automatically. After a successful login, the user is automatically re-directed to the requested page or to the page including the information where the access was denied.
Note: If the Do not use SSL-secured interface option is enabled in the parameters for the Web interface (see chapter Web Interface Parameters Configuration), users are re-directed to the encrypted login page automatically. If not, users are re-directed to the unencrypted login page.
Login page
Authentication page through which users login to the firewall against username and password.
If the user is re-directed to the page automatically (after inserting the URL of a page for which the firewall authentication is required), he/she will be re-directed to the formerly requested site after successful login attempt. Otherwise, a reference page will be opened from which users can open other pages of the Web interface (e.g. user preferences, dial-up control, cache management, etc.). For detailed information, refer to the following chapters.
