Redirecting Unauthenticated Users

You can can redirect HTTP/HTTPS traffic from unauthenticated users to a specified URL instead of the SonicWall’s own login page.

To redirect HTTP/HTTPS traffic from unauthenticated users

1. Select On redirecting unauthenticated users, redirect to an external login page. This option allows users to be authenticated by an external authentication system. This option is not selected by default.

   To allow only unauthenticated users to be redirected, you need to create one or more access rules for this situation.

   The external system can subsequently use the SSO third-party API or RADIUS Accounting to pass the user’s name and credentials to the firewall so they are identified for such activities as access control and logging.

2. When you select this option, the URL field displays. Enter the URL for redirection in the field.
3. To authenticate multiple IP address see Authenticating user's multiple IP addresses

4. Select Allow an SSO login notification to log out and replace a web user session regarding how to handle user sessions in relation to SSO logins. When a user logs in via SSO, it can trigger a logout of any existing web sessions and then establish a new session with the SSO credentials.

   • Always- Select to trigger a logout of any existing web session and then establish a new session with the SSO credentials.

   • When Not Managing: Select this option if the SSO behavior should only apply when the user is not actively managing sessions or accounts.

   • Never- Select when the SSO login should not log out or replace any existing session under any circumstances.

5. To configure options related to the captive portal configured in a zone’s guest settings, scroll to Web Login Settings for Guest Captive Portal.
6. For captive portal guest authentication, to allow the authentication page to show in a portal host page as a frame, select Allow authentication page in frame. This option is not selected by default.
7. Click Accept.