1. Select the IP Group named “test” from the tree. 2. Click Members in the pop-up menu to display the
Members window:
Fig. 5-4 Group Members window
3. Click the radio button corresponding to “Source IP”. 4. Enter the Source IP address of the workstation, and
select 255.255.255.255as the subnet mask. 5. Click Add to include the IP address in the Current
Step 4: Give “workstation” a 32-bit net mask
1. Select the IP Sub-Group “workstation” from the tree. 2. Click Members in the pop-up menu to display the
Members window:
Fig. 5-5 Sub Group Members window
3. Click the radio button corresponding to “Member IP”. 4. In the Member IP fields, enter the IP address of the work-
station, and select 255.255.255.255as the subnet mask. 5. Click Modify.
Step 5: Block everything for the Sub-Group
1. Select the IP Sub-Group “workstation” from the tree. 2. Click Sub Group Profile in the pop-up menu to display the
Sub Group Profile window:
Fig. 5-6 Sub Group Profile window, Category tab
3. In the Category Profile page, select “Block All” from the Available Filter Levels pull-down menu.
TIP: Blocks of category groups can be moved by clicking the first
category group, and then pressing the Shift key on your keyboard while clicking the last category group, and then clicking in the Block column.
4. For Uncategorized Sites, select “Block”. 5. Click Apply.
Step 6: Use Authentication Request Page for
redirect URL
1. Click the Redirect URL tab to display the Redirect URL page:
Fig. 5-7 Sub Group Profile window, Redirect URL tab 2. Select “Authentication Request Form”.
NOTE: The host name of the Web Filter will be used in the redi- rect URL of the Authentication Request Form, not the IP address. Be sure a forward/reverse DNS entry for the Web Filter is made on the DNS server.
Step 7: Disable filter options
1. Click the Filter Options tab to display the Filter options page:
Fig. 5-8 Sub Group Profile window, Filter Options tab 2. Uncheck all the checkboxes: “X Strikes Blocking”,
“Google/Bing/Yahoo!/Ask/AOL Safe Search Enforce- ment”, “Search Engine Keyword Filter Control”, “URL Keyword Filter Control”, and “Extend URL Keyword Filter Control”.
Step 8: Attempt to access Web content
NOTE: For this step, you must have your own profile set up in order to complete the test process.
1. Launch an Internet browser window supported by the Web Filter:
Fig. 5-9 Internet Explorer browser
2. Enter a URL in the Address field of the browser window.
NOTE: The URL should be one that begins with “http”—not “https”.
3. After clicking Go, the Authentication Request Form should open:
Fig. 5-10 Authentication Request Form 4. Enter the following information:
• Username • Password
If the Domain and Alias fields display, select the following information:
• Domain you are using
• Alias name for that domain (unless “Disabled” displays and the field is greyed-out)
5. Click Log In to authenticate or re-authenticate yourself on the network.
The test process has been completed successfully if you are now able to access the content for the URL you entered at step 2 in this section.
Test net use based authentication settings
1. From the test workstation, go to the NET USE command line and enter the NET USE command using the
following format: NET USE \\virtualip\R3000$ For example: NET USE \\192.168.0.20\R3000$
The entry you make should initiate a connection with Tier 1.
TIP: The virtual IP address should be the same as the one entered in the Virtual IP Address to Use for Authentication field in
the Authentication Settings window (see Chapter 2: Network
Setup, Enter network settings for authentication).
2. Make a Web request to a site you can access, based on your filtering profile.
The test process has been completed successfully if you are now able to access the content for the URL you entered at step 2 in this section.
Activate Authentication on the Network
After successfully testing authentication settings, you are now ready to activate authentication on the network. To verify that authentication is ready to be activated on the network, do either of the following, based on the Tier you selected:• If Tier 2 or Tier 3 Web-based authentication will be used: There are two options for Web-based authentica- tion: IP Group authentication, and Global Group Profile authentication. Select the option you wish to use on your network. Go to the Activate Web-based authentication for an IP Group sub-section for instructions on setting up an IP Group profile for authentication. Go to the Activate Web-based authentication for the Global Group sub- section for instructions on setting up the Global Group Profile for authentication.
NOTE: An accelerator card is recommended if using Web-based authentication.
• If Tier 1 net use based authentication will be used: Go to the Activate net use based authentication sub-section for instructions on testing the login script and modifying the Global Group Profile for authenticating users.
Activate Web-based authentication for an
IP Group
IP Group authentication is the preferred selection for Web- based authentication—over the Global Group Profile authentication option—as it decreases the load on the Web Filter.