Creating authentication policies
For a transparent policy:
- You must set up the DNS correctly on your network so that users' devices can resolve the short form of the Smoothwall Filter host name, for example: resolve mysystem for the host name mysystem.example.com.
- Users' devices and the Smoothwall Filter must be within the same DNS domain.
- Internet Explorer must be configured to authenticate with intranet sites automatically.
- On the WEB PROXY menu, under the Authentication submenu, click Policy wizard.
- Under the Step 1: What section, from the Type options, select to create either a Transparent or Non-transparent authentication policy.
- From the Method list, select one of the Authentication Methods.
- From the Interface list, select the interface on which to apply the authentication policy.
- For a nontransparent policy, from the Port list, select the relevant port number for your Smoothwall to listen on for proxy requests.
- For a transparent policy:
- To transparently intercept HTTPS traffic, select the Filter HTTPS traffic option and from the Behavior list, select how the Smoothwall Filter handles HTTPS requests without a Server Name Indication (SNI).
- To make sure that traffic leaving the Smoothwall has the source IP address of the client making the web request and not the IP address of Smoothwall, select the Spoofing option.
- Click Next.
- Under the Step 2: Where section, from the Available locations list, select the location at which the policy will apply and click Add ». Once you have added all your locations, click Next.
- Under the Step 3: Options for unauthenticated requests section, from the Available groups list, select a group that you want to assign requests and click Add ».
- Make sure that the policy is turned on by making sure that the Enable Policy option is selected. Once you are satisfied, click Confirm.
- Review your selections and click Save to create the policy.
- Place the policy in the order that you want it to be applied, see our help topic, Managing authentication policies.