WinRoute Firewall can be configured to authenticate to an NT Domain Controller (see
WinRoute Firewall Admin manual for proper configuration) either using the WinRoute Firewall login page:
or automatically using the browsers built in NTLM authentication (IE 5.x or higher and Firefox 1.0.4)
When the computer is not in use or when the user has finished accessing the Internet they can log out of WinRoute Firewall from the log out page. This page can can easily be accessed by adding a bookmark to your browser:
or
If a user fails to log out their authenticated session will remain active until the user manually logs out or the session times out do to inactivity, default timeout is 2 hours. Logging out of Windows does not automatically log the user out of WinRoute Firewall.
However, it is possible to automate the log out process when the user logs out of Windows. This is useful when sharing computers. Windows Domain Controllers and Active Directory have the ability to call script tools (such as wget, curl or even a browser) that can be used to log out WinRoute Firewall users. These tools must be capable of fetching the following URL:
http://firewall.name:4080/fw/login?ButtonLogout=1 Once the logoff script and URL is run from the client computer that user will be logged off.
Here's an example using wget:
1. Download the Windows version of wget from the following URL:
2. Copy the wget.exe file to the client computers or a share accessible to the clients.
3. Configure a Group Policy logout script for Windows users that require automatic log out (this is a configuration in Windows not WinRoute Firewall). For example, open the Group Policy snap-in (Active Directory Users, Domain properties, Group Policy tab, Edit), open User Configuration, Windows Settings, Scripts (Logon/Logoff), and create a new Logoff script as follows:
Note: firewall.name = your_server_name or IP and the URL parameters are case sensitive.
4. Save the script settings and wget will call the log out URL at Windows log off and automatically log out the WinRoute Firewall user.