Configuring Web authentication to support Web proxy
By default, proxied HTTP requests cannot trigger Web authentication but are silently dropped. To allow such HTTP requests to trigger Web authentication, specify the port numbers of the Web proxy servers on the device.
If a user's browser uses the Web Proxy Auto-Discovery (WPAD) protocol to discover Web proxy servers, you must perform the following tasks:
Add the port numbers of the Web proxy servers on the device.
Configure authentication-free rules to allow user packets destined for the IP address of the WPAD server to pass without authentication.
For Web authentication to support Web proxy:
You must add the port numbers of the Web proxy servers on the device.
Users must make sure their browsers that use a Web proxy server do not use the proxy server for the listening IP address of the local portal Web server. Thus, HTTP packets that the Web authentication user sends to the local portal Web server are not sent to the Web proxy server.
To configure Web authentication to support a Web proxy:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Add a Web proxy server port number. | web-auth proxy port port-number | By default, no Web proxy server port number is configured and proxied HTTP requests cannot trigger Web authentication. |