Cisco Cisco Web Security Appliance S670 ユーザーガイド
5-21
AsyncOS 8.5 for Cisco Web Security Appliances User Guide
Chapter 5 Acquire End-User Credentials
Failed Authentication
About Failed Authentication
Users may be blocked from the web due to authentication failure for the following reason:
•
Client limitations. Some client applications may not properly support authentication. You can
bypass authentication for these clients by configuring Identities that do not require authorization and
basing their criteria on the clients (and, optionally, on the URLs they need to access).
bypass authentication for these clients by configuring Identities that do not require authorization and
basing their criteria on the clients (and, optionally, on the URLs they need to access).
•
Authentication service is unavailable. An authentication service might be unavailable due to
network or server issues. You can choose to allow unauthenticated traffic in this circumstance.
network or server issues. You can choose to allow unauthenticated traffic in this circumstance.
•
Invalid credentials. Some users may be unable to supply valid credentials for proper authentication
(for example, visitors or users awaiting credentials). You can choose to grant these users limited
access to the web.
(for example, visitors or users awaiting credentials). You can choose to grant these users limited
access to the web.
Related Topics
•
•
•
Bypassing Authentication
Related Topics
•
Bypassing the Web Proxy
Permitting Unauthenticated Traffic While Authentication Service is
Unavailable
Unavailable
Note
This configuration applies only when an authentication service is unavailable. It will not bypass
authentication permanently. For alternative options, see
authentication permanently. For alternative options, see
Step 1
Choose Network > Authentication.
Step
More Information
1.
Create a custom URL category that contains the
affected websites by configuring the Advanced
properties.
affected websites by configuring the Advanced
properties.
2.
Create an identity with these characteristics:
–
Placed above all identities that require
authentication.
authentication.
–
Includes the custom URL category.
–
Includes affected client applications.
–
Does not require authentication
3.
Create a policy for the identity.