8e6 Technologies Enterprise Filter Authentication R3000 User Manual

Size:
6.79 Mb
Download

CHAPTER5: AUTHENTICATIONDEPLOYMENTTEST AUTHENTICATION SETTINGS

5. Click Apply.

Step 6: Use Authentication Request Page for redirect URL

1.Click the Redirect URL tab to display the Redirect URL page:

Fig. 5-7Sub Group Profile window, Redirect URL tab

2. Select “Authentication Request Form”.

NOTE: The host name of the R3000 will be used in the redirect URL of the Authentication Request Form, not the IP address. Be sure a forward/reverse DNS entry for the R3000 is made on the DNS server.

3. Click Apply.

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

169

CHAPTER5: AUTHENTICATIONDEPLOYMENTTEST AUTHENTICATION SETTINGS

Step 7: Disable filter options

1.Click the Filter Options tab to display the Filter options page:

Fig. 5-8Sub Group Profile window, Filter Options tab

2.Uncheck all the checkboxes: “X Strikes Blocking”, “Google/Yahoo! Safe Search Enforcement”, “Search Engine Keyword Filter Control”, “URL Keyword Filter Control”, and “Extend URL Keyword Filter Control”.

3.Click Apply.

170

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER5: AUTHENTICATIONDEPLOYMENTTEST AUTHENTICATION SETTINGS

Step 8: Attempt to access Web content

NOTE: For this step, you must have your own profile set up in order to complete the test process.

1. Launch Internet Explorer:

Fig. 5-9Internet Explorer browser

2. Enter a URL in the Address field of the browser window.

NOTE: The URL should be one that begins with“http”—not “https”.

3.After clicking Go, the Authentication Request Form shouldopen:

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

171

CHAPTER5: AUTHENTICATIONDEPLOYMENTTEST AUTHENTICATION SETTINGS

Fig. 5-10Authentication Request Form

4.Enter the following information:

Username

Password

If the Domain and Alias fields display, select the following information:

Domain you are using

Alias name for that domain (unless “Disabled” displays and the field isgreyed-out)

5.Click Log In to authenticate orre-authenticateyourself on the network.

The test process has been completed successfully if you are now able to access the content for the URL you entered at step 2 in this section.

172

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER5: AUTHENTICATIONDEPLOYMENTTEST AUTHENTICATION SETTINGS

Test net use based authentication settings

1.From the test workstation, go to the NET USE command line and enter the NET USE command using the following format: NET USE \\virtualip\R3000$

For example: NET USE \\192.168.0.20\R3000$

The entry you make should initiate a connection with Tier 1.

TIP: The virtual IP address should be the same as the one entered in the Virtual IP Address to Use for Authentication field inthe Authentication Settings window (see Chapter 2: Network Setup, Enter network settings for authentication).

2.Make a Web request to a site you can access, based on your filtering profile.

The test process has been completed successfully if you are now able to access the content for the URL you entered at step 2 in this section.

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

173

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

Activate Authentication on the Network

After successfully testing authentication settings, you are now ready to activate authentication on the network.

To verify that authentication is ready to be activated on the network, do either of the following, based on the Tier you selected:

If Tier 2 or Tier 3 Web-basedauthentication will be used: There are two options for Web-based authentication: IP Group authentication, and Global Group Profile authentication. Select the option you wish to use on your network. Go to the Activate Web-based authentication for an IP Group sub-section for instructions on setting up an IP Group profile for authentication. Go to the Activate Web-based authentication for the Global Group subsection for instructions on setting up the Global Group Profile for authentication.

NOTE: An accelerator card is recommended if usingWeb-basedauthentication.

If Tier 1 net use based authentication will be used: Go to the Activate net use based authentication sub-section for instructions on testing the login script and modifying the Global Group Profile for authenticating users.

174

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

Activate Web-basedauthentication for an IP Group

IP Group authentication is the preferred selection for Webbased authentication—overthe Global Group Profile authenticationoption—asit decreases the load on the R3000.

Step 1: Create a new IP Group, “webauth”

1.Click the IP branch of the tree.

2.Select Add Group from the pop-upmenu to open the Create New Group dialog box:

Fig. 5-11Create New Group box

3.Enter webauth as theGroup Name.

4.Enter the password in the Password andConfirm Password fields.

5.Click OK to add the group to the tree.

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

175

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

Step 2: Set “webauth” to cover users in range

1.Select the IP group “webauth” from the tree.

2.Click Members in the pop-upmenu to display the Members window:

Fig. 5-12Members window

3.Click the radio button corresponding to “Source IP”.

4.Enter the Source IP address of the workstation and specify the subnet mask for the range of user IP addresses of users to be authenticated.

5.Click Add to include the IP address range in the Current Members list box.

176

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

Step 3: Create an IP Sub-Group

1.Select the IP Group “webauth” from the tree.

2.Click Add Sub Group in the pop-upmenu to open the Create Sub Group dialog box:

Fig. 5-13Create Sub Group box

3.Enter the Group Name of your choice.

4.Click OK to add theSub-Groupto the IP Group.

5.Select the IP Sub-Groupfrom the tree.

6.Click Members in the pop-upmenu to display the Members window:

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE

177

CHAPTER 5: AUTHENTICATION DEPLOYMENT ACTIVATEAUTHENTICATION ON THENETWORK

Fig. 5-14Sub Group Members window

7.Click the radio button corresponding to “Member”.

8.In the Member fields, enter the IP address range for members of theSub-Group,and specify the subnet mask.

9.Click Modify.

178

8E6 TECHNOLOGIES, R3000 ENTERPRISEFILTERAUTHENTICATIONUSERGUIDE