Is there any issue in UTMs

Created: Aug 16, 2019 06:29:32Latest reply: Aug 18, 2019 08:58:10 81 4 1 0
  Rewarded Hi-coins: 0 (problem resolved)

Please suggest for the UTMs/Firewalls specially model USG 6300 series that "Login page cannot redirect from secure (HTTPS) sites".

  • x
  • convention:

Featured Answers
wissal
MVE Created Aug 18, 2019 05:43:36 Helpful(0) Helpful(0)

HI;
If users use only the HTTP/HTTPS service to access network resources, you can configure redirected authentication. Redirected authentication implements authentication on Internet access users when they attempt to access HTTP/HTTPS services. The users can access network resources after being authenticated. Currently, the NGFW pushes the authentication page only for HTTP request packets whose destination port number is 80 or HTTPS request packets whose destination port number is 443, and discards other request packets, including those identified as HTTP/HTTPS packets using port mapping.
Is there any issue in UTMs-3037461-1 NOTICE:
If a user accesses the HTTP/HTTPS service using a URL, DNS service packets must be exchanged between the user and the DNS server to resolve the URL. If a NGFW is deployed between the user and the DNS server, you must configure a security policy to allow the exchanged DNS packets to pass through the NGFW.
As shown in Figure 11-19, after receiving HTTP packets whose destination port is 80 or HTTPS request packets whose destination port number is 443 from an Internet access user, a NGFW redirects the user to an authentication web page and triggers identity authentication. The user can access network resources after being authenticated.
Figure 11-19  Redirected authentication 
Is there any issue in UTMs-3037461-2
For more details please refer to the link:

Thanks
  • x
  • convention:

Telecommunications%20engineer%2C%20currently%20senior%20project%20manager%20at%20an%20operator%2C%20partner%20of%20Huawei%2C%20in%20the%20radio%20access%20network%20department%2C%20for%2020%20years%20I%20managed%20several%20types%20of%20projects%2C%20for%20the%20different%20nodes%20of%20the%20network.
All Answers
Popeye_Wang
Popeye_Wang Admin Created Aug 16, 2019 06:49:34 Helpful(0) Helpful(0)

Hi @vkumar,
Do you mean that you can't open the web page through https for login the USG6300?
You may just need to clear the browser cache and reset setting, when you try to log in you can click on advanced option to open it.
  • x
  • convention:

wissal
wissal MVE Created Aug 18, 2019 05:43:36 Helpful(0) Helpful(0)

HI;
If users use only the HTTP/HTTPS service to access network resources, you can configure redirected authentication. Redirected authentication implements authentication on Internet access users when they attempt to access HTTP/HTTPS services. The users can access network resources after being authenticated. Currently, the NGFW pushes the authentication page only for HTTP request packets whose destination port number is 80 or HTTPS request packets whose destination port number is 443, and discards other request packets, including those identified as HTTP/HTTPS packets using port mapping.
Is there any issue in UTMs-3037461-1 NOTICE:
If a user accesses the HTTP/HTTPS service using a URL, DNS service packets must be exchanged between the user and the DNS server to resolve the URL. If a NGFW is deployed between the user and the DNS server, you must configure a security policy to allow the exchanged DNS packets to pass through the NGFW.
As shown in Figure 11-19, after receiving HTTP packets whose destination port is 80 or HTTPS request packets whose destination port number is 443 from an Internet access user, a NGFW redirects the user to an authentication web page and triggers identity authentication. The user can access network resources after being authenticated.
Figure 11-19  Redirected authentication 
Is there any issue in UTMs-3037461-2
For more details please refer to the link:

Thanks
  • x
  • convention:

Telecommunications%20engineer%2C%20currently%20senior%20project%20manager%20at%20an%20operator%2C%20partner%20of%20Huawei%2C%20in%20the%20radio%20access%20network%20department%2C%20for%2020%20years%20I%20managed%20several%20types%20of%20projects%2C%20for%20the%20different%20nodes%20of%20the%20network.
umaryaqub
umaryaqub MVE Created Aug 18, 2019 06:48:08 Helpful(0) Helpful(0)

Hi,

If you are interested in new UTMs/Firewalls, you should go for USG6500E series, they have better signatures updates and since, USG6300 will be end of sale soon (and end of life later on), it's better to move to newer firewalls with better protection and better support.
  • x
  • convention:

Embabi
Embabi Created Aug 18, 2019 08:58:10 Helpful(0) Helpful(0)

could you confirm which version used
  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login