Active Authentication Using a Realm
This task discusses how to authenticate captive portal users with a realm and any available authentication protocol (currently, HTTP Basic, NTLM, Kerberos, HTTP Negotiate, or HTTP Response Page).
Before you begin
Complete the task discussed in Create a Sample Identity Policy with an Active Authentication Rule.
Procedure
Step 1 | Continue from Create a Sample Identity Policy with an Active Authentication Rule. |
Step 2 | On the Realms & Settings tab page, click US-East. |
Step 3 | From the Authentication Protocol list, click NTLM. The following figure shows an example. If you choose a realm (such as in the example), the system searches that realm for users to match the rule. If a user is not found, the user is identified as Unknown. |
Step 4 | Click Add. |
Step 5 | (Optional.) To filter traffic by network object, click the Identity Source tab. From the list, click the network object to use to filter traffic for this identity policy. Click Add () to create a new network object. |
Step 6 | Set identity rule conditions as discussed in Identity Rule Conditions. |
Step 7 | Associate the identity rule with an access control rule as discussed in Associating Other Policies with Access Control. |
Step 8 | Deploy configuration changes to managed devices; see Deploy Configuration Changes. |