> Hi!!! I am currently working on an project that will require
> me to do some authentication, audit, and accounting on both
> dial up and LAN user's Internet usage in our University.
> For dial up we don't have much problem, there is the TACACS
> and XTACACS that can be use for this purposes. But I am
> having a problem when it comes to the LAN user. I need to
> protect and prevent unauthorize users in the campus from
> accessing the Internet.
> To do LAN user authentication and control, I am kind of
> thinking may be a firewall or proxy may do the tricks.
> Something like the setup below:
> Internet ----- Router ------+---- Proxy ----- Internal LAN
> Bastion Host
> The proxy should be able to do some authentication, and
> accounting on the user.
> Can anyone tell me where I can find such a proxy? or any
> other software that may help me solve the problem?
> TACACS use the wtmp format of UNIX for saving accounting
> data(such as login and logout time, username... etc). I was
> hoping that the proxy will also be able to log user info
> in such a format for better management.
> Thanks in advance....
Try Squid Proxy at http://squid.nlanr.net/Squid
The Squid authentication works fine for me.
Pedro L Orso