Microsoft ISA 2006 Replacement

Hi I would like to pick your brains of the techs in this forum.
I was wondering if there are is an open source alternative to MS ISA 2006

the thing I’m looking for is a firewall that has a login page where I can login and authenticates the user and it pushes me to an internal website that is behind the firewall.

The login page needs to be public facing for the firewall but the internal web site / server that is behind the firewall is not public to the internet

Thanks for all your help in advance.

How important is the information? It sounds like you want two different things. A firewall, and authentication/authorisation for pro outside the network to access an internal page.

If it’s not that important you could probably just have a landing page on the ems to authenticate external users and proxy the internal page for those users. You can add more layers from there if needed. Or do something different.

Microsoft WAP (web application proxy) can do this (no, it’s not open source, but an easy migration from ISA).

it’s a role in Windows Server 2012 onwards (maybe earlier). much easier to configure than TMG or ISA for reverse proxy, too.

Open source wise, you’d be looking at squid probably. But be aware squid is a pain in the balls to configure for this stuff. Both on the certificate side, and hooking it up to either NTLM or LDAP auth.

Squid would be overkill most likely. Nginx proxy with auth would probably be enough if you were to use open tools.

2 Likes

Oh wow Microsoft still does somthing then. Didn’t realise. I will check out nginx with Auth this might be a good alternative

Thanks for your advice guys :grin:

HAProxy with authentication?

We run HAProxy inside a VM. It is lightweight, feature rich and very flexible.