User Response elements and how they work

User Response elements allow you to define custom responses that are sent to the user when an HTTP or HTTPS connection is closed.

User Responses make it possible to explain to the user why the connection was closed instead of simply closing the connection with no notification. They help administrators differentiate cases where the Secure SD-WAN Engine closes a connection from cases where a technical problem prevents the connection from going through.

When you combine User Responses with browser-based user authentication, you can also redirect users to their original destination after they have authenticated to a Engine. The redirection can be automatic or require the users to click a link to the original HTTP destination address on the user authentication page after they have authenticated.

You can use User Responses in Access rules and in Inspection Policies. Redirection to the user's original HTTP destination after authentication must be configured in the Inspection Policy.
Note: You can also redirect some part of HTTP or HTTPS traffic to an additional security processing service like Forcepoint Remote Browser Isolation. For more information about the configuration to redirect user web traffic to Forcepoint RBI, see Configuring the redirect for Forcepoint Secure SD-WAN in Remote Browser Isolation Documentation.

Limitations of User Responses

User Responses have the following limitations:

  • To use User Responses with HTTPS traffic, you must enable decryption of HTTPS traffic.
  • Some web browsers, such as Mozilla Firefox and Google Chrome, use HTTP Strict Transport Security (HSTS) to enforce the use of HTTPS by default. The end user's web browser might not accept the certificate for TLS inspection when HSTS is used.