Active Authentication Using a Realm Sequence
This task discusses how to authenticate captive portal users with a realm sequence, which restricts you to the HTTP Basic or HTTP Response Page authentication protocols.
Before you begin
Complete the task discussed in Create a Sample Identity Policy with an Active Authentication Rule.
Procedure
Step 1 | Continue from Create a Sample Identity Policy with an Active Authentication Rule. |
Step 2 | On the Realms & Settings tab page, click the name of a realm from the list. |
Step 3 | From the list, click US-East. |
Step 4 | From the Protocol list, click HTTP Response Page. The following figure shows an example. If you choose a realm sequence (such as in the example), the system searches realms in the sequence in the order specified in the realm sequence. The first realm in the sequence can be referred to as the default realm; it's the realm that is used if the user does not change it. If a user is not found, the user is identified as Unknown. (Only if you upgraded to version 7.4.1 from an earlier version.) Edit the HTTP response page so it shows the list of realms in the sequence as discussed in Update a Custom Authentication Form. |
Step 5 | Click Add. |
Step 6 | (Optional.) To filter traffic by network object, click the Identity Source tab. From the list, click the network object to use to filter traffic for this identity policy. Click Add () to create a new network object. |
Step 7 | Set identity rule conditions as discussed in Identity Rule Conditions. |
Step 8 | Associate the identity rule with an access control rule as discussed in Associating Other Policies with Access Control. |
Step 9 | Deploy configuration changes to managed devices; see Deploy Configuration Changes. |