Solved

IIS: Multiple user recognition behid one IP

Posted on 2016-08-25
2
66 Views
Last Modified: 2016-08-29
Hi experts,

I need your help.

I have to deploy a website with content protected by two-factor authentication access. The solution bought for 2FA is Fortigate 50E with Fortitoken.

The process is as follows:
1.The user types the website address is the browser
2.Fortigate asks for username and password
3.Fortigate asks for token code
4.Browser displays the website.

The problem is that different content have to be displayed to different users so the user must be authenticated somehow. For best user experience this must be done without prompting again for credentials. So I must have user authenticated by fortigate with autologin to the website.

No matter if I use fortigate local user or windows local user with radius I cannot be sure who is the user behind the IP

I have Fortigate Logs, NPS Radius logs so I can match username and IP for autologin but I cannot recognize two users connecting from one IP.

Do you have any ideas about how to recognize the user requesting access to the IIS without prompting for credentials again?

Thanks in advance guys!
0
Comment
Question by:Peter Virovski
2 Comments
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 41769930
It sounds like you've set up the fortigate to require authentication before the website is ever accessed. If that is so, there is no way to accomplish all of your goals.

You would, instead, want to have fortigae allow access anonymously, then configure IIS to require authentication, either using fortigate as an external RADIUS server or using frigate APIs. The specifics would be application specific. The end result would be IIS having enough information (usually cookie driven) to differentiate users independent of their requesting IP address.
0
 

Author Closing Comment

by:Peter Virovski
ID: 41774653
Thank you Cliff, I'll see if changing the setup is applicable or will just ask for username again.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now