CHAPTER 1: INTRODUCTION AUTHENTICATION OPERATIONS

4.Upon creating the IPC share, the software in the R3000 queries the network authentication server with the user's login name and password sent by the workstation.

5.Once the user is successfully authenticated, the R3000 matches the user’s login name or group name with a stored list of profile settings in the R3000. As a result of this process, the user is assigned the appropriate level of filtering.

6.The matched profile is set for the user's IP address. The IPC connection is completed and maintained with peri- odic “keep-alives.”

7.When the user logs off, changes IP addresses, loses the network connection, or in any way causes the IPC connection to be altered or deactivated, the R3000 senses this change and returns the IP address to the configured global filtering level.

WARNING: Authentication will fail if a Network Address Transla- tion (NAT) device is set up between the authentication server and end user clients. Authentication may also fail if network connec- tions are overloaded, causing a severe delay in the transportation of SMB traffic. This can be a problem in any network, but is most prevalent in WAN links, or in trunk links that are overloaded.

Re-authentication process

1.The user loses his/her user profile after one of the following incidences occurs:

the server is rebooted, or

the connection from the user’s machine to the server is dropped (as with a faulty network cable)

2.A block page displays for the user.

3.In order to re-access the Internet, the user must re- authenticate him/herself by clicking a link in the block page to generate a login script that re-authenticates the user’s profile.

26

8E6 TECHNOLOGIES, R3000 ENTERPRISE FILTER AUTHENTICATION USER GUIDE

Page 38
Image 38
8e6 Technologies R3000 manual Re-authentication process