Note: This topic applies to the Kenilworth Release.
The Smoothwall provides Secure Sockets Layer (SSL) Login as a built-in authentication mechanism which can be used by authentication-enabled services to apply permissions and restrictions on a customized, per-user basis.
When SSL Login is configured, network users requesting port 80 for outbound web access are automatically redirected to a secure login page, the SSL Login page, and prompted for their user credentials.
The SSL Login page can be manually accessed by users wishing to pro-actively authenticate themselves, typically where they need to use a non-web authentication-enabled service, for example, group bridging, or where only a small subset of users require authentication.
SSL Login authentication works by dynamically adding a rule for the IP address of each authenticated user, thus allowing SSL Login redirection to be bypassed for authenticated users. When an authenticated user logs out or exceeds the time-out limit, the rule is removed and future outbound requests on port 80 will again cause automatic redirection to the SSL Login.
For information about the authentication methods that can be used with SSL login, see Managing Authentication Policies.
When using SSL as an authentication method, it is possible to customize the title image, background image and message displayed on an SSL login page.
|1.||Go to Services > Authentication > SSL login.|
|2.||To change the title image, click the Choose File button for Title image. Using your browser’s controls, locate and select the file.|
|3.||To change the background image, click the Choose File button for Background image. Using your browser’s controls, locate and select the file.|
|4.||Optionally, change the default SSL login page text.|
|5.||Click Save changes.|
|1.||Go to the Services > Authentication > SSL login page.|
|2.||To remove the title image, adjacent to Title image, click Delete.|
|3.||To remove the background image, adjacent to Background image, click Delete.|
In the web browser of your choice, enter your Smoothwall’s IP address followed by:
or, using HTTPS:
The Smoothwall displays the SSL login page.
The Non-SSL Login page functions like the SSL login page method, but uses HTTP rather than HTTPS. Because of this, it does not require the administrator to roll out certificates to all users using the login page.
Note: It is considerably less secure because passwords are passed between the client and the system in plain text, and can therefore be intercepted. It is only recommended on networks where the connection between the clients and the system is secure and all the clients themselves are trusted.
You can customize the non-SSL Login page using the same procedure as detailed in Customizing the SSL Login Page.
If you make use of a Google G Suite domain but also have non-Google devices requesting authentication, you can use an SSL login page (for authentication over HTTPS) or non-SSL login page (for authentication over HTTP) as a "go-between" for authentication-required services.
Typically, the login page prompts users for their credentials according to their domain. By enabling the Google Sign-In button, Google user credentials stored locally in a cookie can be used to authenticate with the login page instead