Configuring Web Authentication

System > Network > Advanced Network > User Identification

By configuring web authentication, Hillstone devices can authenticate users who access the Internet via the device.

In the WebAuth page, you can execute the following tasks:

In the WebAuth tab, configure the web authentication parameters.
In the WebAuth tab, click WebAuth Wizard to configure the web authentication function.
In the WebAuth tab, click Customize to customize the web authentication login page.
In the Online Users tab, you can view the information of the online users.

Options in the WebAuth page:

Option	Description
Authentication Mode	Configure the WebAuth mode. Click HTTP to enable HTTP WebAuth mode; click HTTPS to enable HTTPS WebAuth mode; click Disable to disable the WebAuth function.
HTTP/HTTPS Port	Type the port number of the WebAuth server into the HTTP port or HTTPS port box. HTTP port number and HTTPS port number could not be the same.
Multiple Login	According to your requirements, select whether or not to allow the multiple logins. If you select Enable, multiple clients can be logged in with the same username simultaneously. And you can specify how many times the same username can be logged in the Concurrent Login Number section. Unlimited means the system does not limit how many times the client logs in using one username at the same time. Maximum means the maximum allowed times. Type the value in the textbox. The range is 2 to 1000 times. The default value is 100.
Behavior	If you select Disable, only one client is allowed to log in. Replace means the user who already logged in will be kicked out by the same user who logs in later. The system will automatically cut the connection to the user who already logged in. Refuse New Login means The same user will be prohibited to log in again.
Client Heartbeat Timeout	Type the client timeout value into textbox. When authentication is successful, system will automatically refresh the login page before reaching to the configured timeout value in order to maintain the login status.
Re-Auth Interval	Specify the time interval to re-authenticate clients. Select the Re-Auth interval checkbox, and then type the time value.
Forced Re-login Interval	Specify the time interval for users to re-log in. Type the time value into the textbox.
Redirect URL	Configure Redirect URL function. If configured, when the client sends a HTTP request, the system will automatically redirect the HTTP request to the specified URL. Type the URL into the textbox. The format of URL should be "http://www.abc.com" or "https://www.abc.com".

Options in the WebAuth Configuration Wizard dialog:

Option	Description
Parameters
Authentication Mode	Select the Configure the WebAuth mode.
HTTP/HTTPS Port	Click HTTP to enable HTTP WebAuth mode; click HTTPS to enable HTTPS WebAuth mode; click Disable to disable the WebAuth function.
Auth User
AAA Server	Select the AAA server. All users from this server will be authenticated.
Policy
Src/Dst/DNS Zone	从Specify the zones (Src zone, Dst zone, DNS zone) for policy rules.

Tip: The system will automatically generate three policy rules for the web authentication. You can view the policies in Policy.

Options in the WebAuth Login Page Configuration dialog:

Option	Description
Description	Type a description into the textbox.
Background Picture	Click Browse and choose the background picture in your local PC. Then click Upload. Note the picture must be compressed as a ZIP file. The name of WebAuth background pictures must be login_page_bg_en.gif (for English language). The size of pictures must be 624px*376px.
Restore Default	You can restore to the default WebAuth login page by clicking Restore Default. In the Restore Default dialog, select English and then click OK to restore the English WebAuth login page.