Cisco Cisco NAC Appliance 4.1.0
Cisco NAC Appliance - Clean Access Manager Installation and Administration Guide
OL-12214-01
Chapter 5 Configuring User Login Page and Guest Access
Add Default Login Page
Proxy Settings
By default, the Clean Access Server redirects client traffic on ports 80 and 443 to the login page. If users
on your untrusted network are required to use a proxy server and/or different ports, you can configure
the CAS with corresponding proxy server information in order to appropriately redirect HTTP/HTTPS
traffic client traffic to the login page (for unauthenticated users) or HTTP/HTTPS/FTP traffic to allowed
hosts (for quarantine or Temporary role users). You can specify:
on your untrusted network are required to use a proxy server and/or different ports, you can configure
the CAS with corresponding proxy server information in order to appropriately redirect HTTP/HTTPS
traffic client traffic to the login page (for unauthenticated users) or HTTP/HTTPS/FTP traffic to allowed
hosts (for quarantine or Temporary role users). You can specify:
•
Proxy server ports only (for example, 8080, 8000)—this is useful in environments where users may
go through a proxy server but not know its IP address (e.g. university).
go through a proxy server but not know its IP address (e.g. university).
•
Proxy server IP address and port pair (for example, 10.10.10.2:80) — this is useful in environments
where the IP and port of the proxy server to be used are known (e.g. corporate/enterprise).
where the IP and port of the proxy server to be used are known (e.g. corporate/enterprise).
Note
Proxy settings are local policies configured on the CAS under Device Management > Clean Access
Servers > Manage [CAS_IP_address] > Advanced > Proxy. For complete details, see the Cisco NAC
Appliance - Clean Access Server Installation and Administration Guide.
Servers > Manage [CAS_IP_address] > Advanced > Proxy. For complete details, see the Cisco NAC
Appliance - Clean Access Server Installation and Administration Guide.
See also
for related information.
Add Default Login Page
A default login page must be added to the system to enable users to log in. For initial testing, you can
follow the steps below leaving all default settings (*) to add a default login page. You can later define
specialized login pages for target subnets and user operating systems. The following steps describe how
to add a login page to the Clean Access Manager for all Clean Access Servers.
follow the steps below leaving all default settings (*) to add a default login page. You can later define
specialized login pages for target subnets and user operating systems. The following steps describe how
to add a login page to the Clean Access Manager for all Clean Access Servers.
1.
Go to Administration > User Pages > Login Page
2.
Click the Add submenu link.
3.
Specify a VLAN ID, Subnet (IP/Mask), or Operating System target for the page. To specify any
VLAN ID or subnet, use an asterisk (*) in the field. For any OS, select ALL.
VLAN ID or subnet, use an asterisk (*) in the field. For any OS, select ALL.
Figure 5-1
Add Login Page
4.
Click Add.
5.
The new page will appear under Administration > User Pages > Login Page > List.