Hello,

We have NW 6.5 sp3 and are running BorderManager 3.8 no service pack
(working on getting sp5 installed) running in a 3 server clustered environment.

I would like a little help in accomplishing a few things.
1. Make it so that only the users in two specific containers are able to
access the internet.
2. Ensure that users from any other container or users who are not logged
in are unable to use the internet unless they do the web page log in with a
user name from the two containers I specified.
3. To log the user name of person accessing the internet.
4. Allow any computer, whether it is logged in or not to be able to access
the specific url to our Patchlink server

Right now the way BM is set up points 1, 2 & 3 work fine. It is point 4
that I am having trouble with. I have put the two containers I want to
have access to the internet in the “Context” section of “Authentication”.
I read about the need to not have “Any” as a “Source” for rules so I tried
switching the “Source” to the two containers I want to allow but when I put
a check in “Authenticate only when user attempts to access a restricted
page” it no longer seems to record their user names and it no longer seems
to require anyone to log in to access the internet. I have since unchecked
“Authenticate only when user attempts to access a restricted page”.
My guess is that it may have something to do with the way my rules are set
so I am including them as well.

My effective rules currently are:
Action: Deny; Source: -see list-; Access: URL; Destination: Any URL (just a
group of accounts I dont want accessing the internet)
Action: Allow; Source: Specified user container list; Access: URL;
Destination: Any URL
Action: Deny; Source: Any; Access: Any; Destination: Any (this is the
default system one I guess)

Thank you for any help or suggestions