Creating the core authentication policy

Notes:
  • you might need multiple Core authentication policies if your devices can use more than one internal interface.
  • Whichever Interface and Port combination is selected, make sure that your client devices have that set for their Internet proxy settings otherwise, group mappings.

Prerequisites

Procedure

  1. On the WEB PROXY menu, under the Authentication submenu, click Policy wizard.
  2. Under the Step 1: What section, from the Type options, select to create either a Transparent or Non-transparent authentication policy.
  3. From the Method list, select the "Core authentication" method.
  4. From the Interface list, select the interface on which to apply the authentication policy.
    • For a nontransparent policy, from the Port list, select the relevant port number for your Smoothwall to listen on for proxy requests.
    • For a transparent policy:
      1. To transparently intercept HTTPS traffic, select the Filter HTTPS traffic option and from the Behavior list, select how the Smoothwall Filter handles HTTPS requests without a Server Name Indication (SNI).
      2. To make sure that traffic leaving the Smoothwall Filter and Firewall has the source IP address of the client making the web request and not the IP address of Smoothwall, select the Spoofing option.
  5. Click Next.
  6. Under the Step 2: Where section, from the Available locations list, select "Everywhere" and click Add », and then click Next.
  7. Under the Step 3: Options for unauthenticated requests section, from the Available groups list, select those group names, where detected unauthenticated users are placed and click Add ».
  8. Make sure that the policy is turned on by making sure that the Enable Policy option is selected. Once you are satisfied, click Confirm.
  9. Review your selections and click Save to create the policy.