Web-Auth User-Agreement Sub-Commands; Web Authentication Policy Insert Command Example - ZyXEL Communications UAG Series User Manual

Chapter 24 Web Authentication

24.2.3 web-auth user-agreement Sub-commands

The following table describes the sub-commands for several web-auth user-agreement commands.
Note that not all rule commands use all the sub-commands listed here.
Table 82 web-auth user-agreement Sub-commands
COMMAND
[no] agreement-url url
[no] idle-detection [timeout
<1..60>]
[no] internal-page-customization
logon-re-auth-time <0..1440>
type {external | internal}
[no] welcome-url <url>

24.2.4 Web Authentication Policy Insert Command Example

The following commands show how to insert a web authentication policy at position 1 of the
checking order. This policy applies endpoint security policies and uses the following settings:
• Activate: yes
• Description: EPS-on-LAN
• Source: use address object "LAN1_SUBNET"
• Destination: use address object "DMZ_Servers"
• User Authentication: required
• Schedule: no specified
• Endpoint security: Activate
146
DESCRIPTION
Sets the user agreement page's URL; for example, http://IIS server IP
Address/logout.html. You can use up to 255 characters (0-9a-zA-Z;/
?:@&=+$\.-_!~*'()%) in quotes.
The command removes the URL.
no
The Internet Information Server (IIS) is the web server on which the user
agreement files are installed.
Sets the UAG to monitor how long each access user is logged in and idle (in
other words, there is no traffic for this access user). The UAG automatically
logs out the access user once the specified idle timeout has been reached.
Sets the UAG to use the custom user agreement pages that are uploaded to
the UAG through the web configurator.
Sets the number of minutes the user can be logged into the UAG in one
session before having to log in again.
Sets the user agreement page appears whenever the web portal intercepts
network traffic, preventing unauthorized users from gaining access to the
network.
internal: Use the default user agreement page built into the UAG.
external: Use a custom user agreement page from an external web portal
instead of the default one built into the UAG. You can configure the look
and feel of the user agreement page.
Sets the welcome page's URL; for example, http://IIS server IP Address/
logout.html. You can use up to 255 characters (0-9a-zA-Z;/?:@&=+$\.-
_!~*'()%) in quotes.
The command removes the URL and sets the UAG to use the welcome
no
page of internal user agreement file.
The Internet Information Server (IIS) is the web server on which the user
agreement files are installed.
UAG CLI Reference Guide