diff options
| -rw-r--r-- | docs/services/webproxy.rst | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/docs/services/webproxy.rst b/docs/services/webproxy.rst index d1c2ca2e..096a80cd 100644 --- a/docs/services/webproxy.rst +++ b/docs/services/webproxy.rst @@ -79,7 +79,32 @@ first. Otherwise you will not be able to commit the config changes. Authentication ^^^^^^^^^^^^^^ -TBD: https://wiki.vyos.net/wiki/Web_proxy_LDAP_authentication +The embedded Squid proxy can use LDAP to authenticate users against a company +wide directory. The following configuration is an example of how to use Active +Directory as authentication backend. Queries are done via LDAP. + +.. code-block:: sh + + vyos@vyos# show service webproxy + authentication { + children 5 + credentials-ttl 60 + ldap { + base-dn DC=rgtest,DC=local + bind-dn CN=proxyuser,CN=Users,DC=rgtest,DC=local + filter-expression (cn=%s) + password Qwert1234 + server 192.168.188.201 + username-attribute cn + } + method ldap + realm "VyOS Webproxy" + } + cache-size 100 + default-port 3128 + listen-address 192.168.188.103 { + disable-transparent + } Adjusting cache size ^^^^^^^^^^^^^^^^^^^^ |