Wednesday, August 29, 2018

Authenticate users behind NAT, some with RADIUS, others with LDAP

Hey fellas,

Is this even going to be possible?

All the users are NATted by the fw and come to my Blue Coat proxy from a single source address.

Some of these users are domain users, so they can be authenticated with LDAP, but others are non-domain external users.

I'm thinking I can create a RADIUS server and make accounts for the non-domain users, but then the proxy would need two separate auth realms and policies.

Also, how would the proxy even know which request should be sent to the RADIUS and which to LDAP? I guess it would, but the source for both would be the same, so is it like it'll match whichever it hits first?

Thanks for reading!


