    Using Passport to authenticate outbound connections


      Hi All,


      I am trying to limit outbound connections from the DMZ burb.  The Web team needs to be able to make outbound connections at times for server maintenance etc.  So, to meet both our requirements, I’d like to set up passport authentication to allow only authenticated and authorized connections outbound over http.


      I set up an Authenticator for LDAP (Active Directory) and an external group that the user must be a member of to match my AAA requirements.  Next I configured passport to use that as its default authenticator.


      Now the part where I think there is an issue: I have two rules for testing.  The first one is set up to authenticate and verify group membership.  The second denies the connection (if the authentication failed).


      The first rule looks like fig 1 and the second like fig 2.  When I test it, I get redirected to log on, I can authenticate no problem, but the connection is not allowed.


      Has anyone implemented anything like this (version 70103)?   How did you do it?