Overview
Two or more users can access computers in the Kerio Control network simultaneously; this article covers the steps to require user authentication for each browser session, which allows Kerio Control to uniquely identify the web requests of each user on the computer.
Note: This option is useful only in Citrix or Terminal Service environments where multiple users authenticate to the firewall from the same computer.
Information
Prerequisites
-
Configure non-transparent proxy server in Kerio Control. A non-transparent proxy server is implemented so that the web browser and other client applications know that a proxy is being used, and can act accordingly.
-
Configure non-transparent proxy server settings in browsers on computers shared with two or more users. These servers redirect requests and responses between computers on the Internet and those in the local network. For more information, refer to Configuring Proxy Servers.
Process
-
In Kerio Control's administration interface, navigate to Domains and User Login > Authentication Options.
-
Check the Force non-transparent proxy server authentication option.
-
Check the Apply only to these IP addresses option.
-
Add a new IP address group for computers shared with two and more users by clicking the Edit button.
-
Click Apply to save the changes.
Confirmation
The users on the same computer you configured will be required to authenticate for each browser session from now on.
Note: Kerio Control requires authentication whenever a browser opens. If you run Terminal Server on Windows Server 2008 R2 and above, you can use Remote Desktop IP Virtualization instead of proxy servers. For more information, refer to Using Remote Desktop IP Virtualization.