Is it possible to use captive portal to force a user from the untrust side to authenticat before they can see port 22?
Captive Portal is more commonly used with traffic going from a trusted to an untrusted zone. It may work with traffic originating in the untrust zone, depending on your network configuration. Please contact Support so that you can discuss your options with them.
Yes it's possible and it's exactly what I'm doing on my box.
FYI, I have a static public IP address and am using many-to-one NAT (PAT) from inside to outside network.
Authentications I tried are local, Kerberos and LDAP (so last two with Active Directory integration). All working but the AD integration really helps if you are already using user-id
It's a rather basic setup, only captive portal, no NTLM or session cookies.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!