Print Download PDF Send Feedback

Previous

Next

Configuring Browser-Based Authentication in SmartConsole

In the Identity Sources section of the Identity Awareness page, select Browser-Based Authentication to send unidentified users to the Captive Portal.

If you configure Transparent Kerberos Authentication, the browser tries to identify AD users before sending them to the Captive Portal.

If you already configured the portal in the Identity Awareness Wizard or SmartConsole, its URL shows below Browser-Based Authentication.

To configure the Browser-Based Authentication settings:

  1. Select Browser-Based Authentication and click Settings.
  2. From the Portal Settings window, configure:
    • Portal Network Location
    • Access Settings
    • Authentication Settings
    • Customize Appearance
    • User Access
    • Endpoint Identity Agent Deployment from the Portal

Note - When you enable Browser-Based Authentication on an IPSO Security Gateway that is on an IP Series appliance, make sure to set the Voyager management application port to a port other than 443 or 80.

Portal Network Location

Select if the portal runs on this Security Gateway or a different Identity Awareness enabled Security Gateway. The default is that the Captive Portal is on the Security Gateway. The Security Gateway redirects unidentified users to the Captive Portal on the same Security Gateway. This is the basic configuration.

A more advanced deployment is possible where the portal runs on a different Security Gateway. See the Deployment section for more details.

Access Settings

Click Edit to open the Portal Access Settings window. In this window, you can configure:

Authentication Settings

Click Settings to open the Authentication Settings window. In this window you can configure:

The default is that all user directory options are selected. You might choose only one or two options if users are only from a specified directory or directories and you want to maximize Security Gateway performance when users authenticate. Users with identical user names must log in with domain\user.

Customize Appearance

Click Edit to open the Portal Customization window and edit the images that users see in the Captive Portal. Configure the labeled elements of the image below.

Label Number

Name

To do in GUI

1

Portal Title

Enter the title of the portal. The default title is Network Login.

2

Company Logo

Select Use my company logo and Browse to select a logo image for the portal.

2

Company Logo for mobiles

Select Use my company logo for mobiles and Browse to select a smaller logo image for users who access the portal from mobile devices.

User Access

Configure what users can do in the Captive Portal to become identified and access the network.

Name and Password Login Settings

Click Settings to configure settings for known users after they enter their usernames and passwords successfully.

Unregistered Guest Login Settings

Click Settings to configure settings for guests.

Endpoint Identity Agent Deployment from the Portal

If Endpoint Identity Agents is selected as a method to acquire identities, you can require users to download the Endpoint Identity Agent from the Captive Portal. You can also let users install the Endpoint Identity Agent on a specified later date and not right away.