To use browser-based user authentication, you must define some IPv4 or IPv6 Access rules.
Note: To redirect HTTPS traffic, you must enable TLS decryption for the traffic.
You must define the following IPv4 or IPv6 Access rules:
- An Access rule that allows all clients to access the logon page.
- An Access rule that allows authenticated users to establish HTTP or HTTPS connections.
- An Access rule that redirects unauthenticated HTTP or HTTPS traffic to the logon page.
For more details about the product and how to configure features, click Help or
press F1.
Steps
-
Select
Configuration.
-
Browse to .
-
Right-click a policy, then select Edit <Policy name>.
-
Add the following Access rules:
Table 1. Example Access rules for unauthenticated HTTP connections
Source |
Destination |
Service |
Action |
Authentication |
ANY |
IP addresses of interfaces through which users can authenticate. |
HTTP
HTTPS
(Port settings must be the same as defined in the User Authentication settings for the Secure SD-WAN Engine.)
|
Allow |
|
ANY |
IP addresses of network services that require authentication. |
HTTP
HTTPS
|
Allow |
Users or User Groups who are allowed to access services, and appropriate Authentication Methods. |
ANY |
IP addresses of network services that require authentication. |
HTTP
HTTPS
|
Refuse
Connection tracking: Default
Response: redirect to the logon page.
|
|
-
Click Save
and Install.