Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Blocked site get the "Network Authentication" page instead of "Blocked Request" page...

Hi,
I just figured out to set the XG Firewall to used it only with Web Filtering.
Now when I have hit on a blocked policy, I'm redirected to the Captive Portal and I get the Network Authenticaion to login.
But I want to get the " Blocked Request" page and not the Network Authenticaion page.
How do I accplish this?
TIA



This thread was automatically locked due to age.
  • Hi PabloDiablo,

    Under page System > System Services > Authentication Services in section Captive Portal Settings change the option "Unauthenticated users redirection" to No ( Access Denied )

    __

    Analyst at Tecnomega
    Cyberoam Certified Network & Security Expert (CCNSE)

  • I too have the same problem! but disabling redirection "Unauthenticated users redirection" to No looks always the login page! I also tried to do a hard reset of the device but the problem persists!
  • Configure Access Denied under Captive portal, create a policy user where you allow certain users to a website, under this policy create a denied policy for http/https protocols.

    Luk
  • Same here, still Network Authentication page.
    Your advice: "Configure Access Denied under Captive portal, create a policy user where you allow certain users to a website, under this policy create a denied policy for http/https protocols."
    I don't understand where I can find "policy user" or where I should create it. Could you please clear this out for me?
  • Sorry for my quick reply (from iPhone).
    Anyway you need to create a Policy Rule to allow user to access https/https website then under this policy create another Policy denying http/https for internal networks.
    See attachment.
  • Thanks for the reply.
    This is to allow the traffic to go through the proxy. But the point is that when a site is blocked it should show "Blocked Request"-page and not the "Network Authentication"-page. Also by disabling "Unauthenticated users redirection" (set to No) it still ain't showing....
  • Pablo,

    can you share your Policy settings and Authentication settings too?

    Luk
  • I am also seeing PabloDiablo's issue, and I've got about the most basic test setup you can get - two virtual machines - one XG one debian - freshly installed. Debian is behind the XG.

    The only policies are one allowing HTTP/HTTPS traffic for unauthenticated users that goes through the "Deny All" web filter, and then a default policy blocking traffic. That's it.

    Under "Authtication Services" "Captive Portal Settings" I have "unauthenticated users redirection" set to NO.

    browsing to any website from debian yields a login screen, not an access denied message.

    I _HAVE_ seen an access denied message... as I could have SWORN i had this working on my "live" xg box - but it just redirects as well regardless of the setting, hence my virtual test... so there is something wrong here.

    --

    Chavous Camp

    UTM, SMC, SGN Certified Engineer / XG Certified Architect

  • i can as well achnowledge the behavior. I don´t get the blocked request screen from the proxy. But i had it too.
    I only get the custom screen of the captive portal.
    And the messages are only with category and username if logged in even if not access is given.