Web Auth

rob_jpt
rob_jpt Posts: 2
edited April 2021 in Security
We are currently setting up a USG110 for a client and they want all of their users to have to be authentication through SSO back to Windows AD, as only certain users are allowed Internet access. We have configured this and is currently being checked.

However, what we also need to be able to do is have all users allowed access to Office 365 services WITHOUT having to authenticate. We were able to do this on their previous Sonicwall but I can't see an obvious way to achieve this with the USG110. If anyone has done this would really appreciate some pointers.

Thanks

All Replies

  • Daniel_LU
    Daniel_LU Posts: 16  Freshman Member
    edited July 2018
    you can do this: Configuration--->UTM Profile--->Content Filter--->ADD--->Custom Service---->check "Enable custom service", check "Allow web traffic for trusted web site only", if you want check "Check common trusted/forbidden List".

    Create rule in "Policy control"



  • rob_jpt
    rob_jpt Posts: 2
    Hi @Daniel_LU,

    Thanks for the info! In doing that, would that also allow services such as exchange, Skype for Business etc through or would it just be web traffic?

    Thanks
  • Daniel_LU
    Daniel_LU Posts: 16  Freshman Member
    For skype there is the service "App Patrol". In this section, you can block or allow or reject apps.

    You can even customize it.



  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,075  Zyxel Employee
     
    Welcome to Zyxel community.:)

    According your requirement, you can add a FQDN addressed rule and let this rule to bypass the authentication.
    To achieve this, you need to add the URLs into WebAuth policy, and set the authentication method to “unnecessary”
    Then all users can access to the FQDN sites(Office 365 sites in this example)  without authentication.



Security Highlight