Cisco Cisco Web Security Appliance S670 Guida Utente
5-29
AsyncOS 9.1 for Cisco Web Security Appliances User Guide
Chapter 5 Acquire End-User Credentials
Failed Authentication
•
•
About Failed Authentication
Users may be blocked from the web due to authentication failure for the following reasons:
•
Client/user agent limitations. Some client applications may not properly support authentication.
You can bypass authentication for these clients by configuring Identification Profiles that do not
require authorization and basing their criteria on the clients (and, optionally, on the URLs they need
to access).
You can bypass authentication for these clients by configuring Identification Profiles that do not
require authorization and basing their criteria on the clients (and, optionally, on the URLs they need
to access).
•
Authentication service is unavailable. An authentication service might be unavailable due to
network or server issues. You can choose to allow unauthenticated traffic in this circumstance.
network or server issues. You can choose to allow unauthenticated traffic in this circumstance.
•
Invalid credentials. Some users may be unable to supply valid credentials for proper authentication
(for example, visitors or users awaiting credentials). You can choose to grant these users limited
access to the web.
(for example, visitors or users awaiting credentials). You can choose to grant these users limited
access to the web.
Related Topics
•
•
•
•
Bypassing Authentication with Problematic User Agents
Some user agents are known to have authentication issues that can impact normal operations.
You should bypass authentication via the following user agents:
•
Windows-Update-Agent
•
MICROSOFT_DEVICE_METADATA_RETRIEVAL_CLIENT
•
Microsoft BITS
•
SLSSoapClient
•
Akamai NetSession Interface
•
Microsoft-CryptoAPI
•
NCSI
•
MSDW
•
Gnotify
•
msde
•
Google Update
Note
The access policies will still filter (based on URL categories) and scan (McAfee, Webroot) traffic as per
the access policy setup.
the access policy setup.