D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: rcamkerr on January 07, 2010, 10:45:46 AM

Title: Force user authentication to access dmz webserver
Post by: rcamkerr on January 07, 2010, 10:45:46 AM

I would like to create a ruleset that would force users coming in on the external interface to provide a login and password before they can access a web server in the DMZ using HTTPS. I have a DFL210. I am not sure how I would do this.

I have created a local database with user names and passwords.
I created a authentication rule
Authentication Agent: HTTP
Authentication Source: Local
Interface: any
Originator: wan_ip_5

Agent Options
Login type: HTML form
HTTP Banners: Default

Title: Re: Force user authentication to access dmz webserver
Post by: Fatman on January 07, 2010, 12:54:41 PM

You will want to follow the existing document below and then modify it to your exact needs.

http://www.dlink.com/support/faq/?prod_id=2395

Title: Re: Force user authentication to access dmz webserver
Post by: rcamkerr on January 07, 2010, 03:59:22 PM

Now in that article in step 8. Should this be the ip address of the web server in the DMZ, or the external address of the webserver?

Title: Re: Force user authentication to access dmz webserver
Post by: Fatman on January 08, 2010, 08:23:18 AM

It should be the network identifier of the network that can potentially authenticate.  In the document it matches lannet, with the crucial exception that it is set as a user authenticated address.