User's Manual
Table Of Contents
- Getting Started
- Wizards
- Using the Startup Wizard
- Using the Wireless Wizard to Configure the Wireless Settings for ISA550W and ISA570W
- Using the DMZ Wizard to Configure the DMZ Settings
- Using the Dual WAN Wizard to Configure the WAN Redundancy Settings
- Using the Site-to-Site Wizard to Establish the Site-to-Site VPN Tunnels
- Using the Remote Access Wizard to Establish the IPSec VPN Tunnels or SSL VPN Tunnels for Remote Access
- Status
- Networking
- Configuring IP Routing Mode
- Port Management
- Configuring the WAN
- Configuring the WAN Redundancy
- Configuring the VLAN
- Configuring the DMZ
- Configuring the Zones
- Configuring the Routing
- Dynamic DNS
- IGMP
- VRRP
- Configuring the Quality of Service
- Address Management
- Service Management
- Wireless Configuration for ISA550W and ISA570W
- Firewall
- Configuring the Firewall Access Rules to Control Inbound and Outbound Traffic
- Configuring the Firewall Schedule
- Firewall Access Rule Configuration Examples
- Configuring the NAT Rules to Securely Access a Remote Network
- Configuring the Session Settings
- Configuring the Content Filtering to Control Access to Internet
- Configuring the MAC Filtering to Permit or Block Traffic
- Configuring the IP/MAC Binding to Prevent Spoofing
- Configuring the Attack Protection
- Configuring the Application Level Gateway
- Security Services
- VPN
- About VPN
- Configuring the Cisco IPSec VPN Server
- Configuring the Cisco IPSec VPN Client
- Configuring the Site-to-Site VPN
- Configuring the SSL VPN
- Elements of the SSL VPN
- Configuration Tasks to Establish a SSL VPN Tunnel
- Installing the Cisco AnyConnect VPN Client on User’s PC
- Importing the Certificates for User Authentication
- Configuring the SSL VPN Users
- Configuring the SSL VPN Gateway
- Configuring the SSL VPN Group Policies
- Configuring the SSL VPN Portal
- Configuring the L2TP Server
- Configuring the VPN Passthrough
- Viewing the VPN Status
- User Management
- Device Management
- Remote Management
- Administration
- SNMP
- Configuration Management
- Firmware Management
- Log Management
- Managing the Security License
- Managing the Certificates for Authentication
- Configuring the Email Alert Settings
- Configuring the RADIUS Servers
- Configuring the Time Zone
- Device Discovery
- Diagnosing the Device
- Measuring and Limiting Traffic with the Traffic Meter
- Configuring the ViewMaster
- Configuring the CCO Account
- Configuring the Device Properties
- Configuring the Debug Settings
- Troubleshooting
- Technical Specifications and Environmental Requirements
- Factory Default Settings
- Where to Go From Here
Wireless Configuration for ISA550W and ISA570W
Configuring Wireless Captive Portal
Cisco ISA500 Series Integrated Security Appliance Administrator Guide 175
5
• Web Authentication Type: Choose one of the following methods for web
authentication. The security appliance can authenticate the wireless users
by using the local database and external AAA server (such as RADIUS, AD,
LDAP, and so forth). The authentication method is derived from the user login
settings that you specified in the Users -> Settings page.
- Internal: Uses the default web authentication login page to authenticate
the wireless users. If you choose this option, you can modify the following
information on the default web authentication login page:
Cisco Logo: If you want to hide the Cisco logo that appears in the top
right corner of the default page, choose Hide. Otherwise, choose Show.
Headline: If you want to create your own headline on the login page,
enter the desired text in this field.
Message: If you want to create your own message on the login page,
enter the desired text in this field.
- Internal, No auth with accept button: Allows users to access the
wireless network without entering a user name and password. If you
choose this option, a web passthrough window is prompted. Click the
Accept button to access the network without the user name and
password.
- External Web Server: Uses a customized web authentication login page
on an external web server to authenticate the wireless users. If you
choose this option, enter the IP address of the external web server in the
Authentication Web Server field and the key in the Authentiation Web
Key field. The authentication web key is used to protect the user name
and password that the external web server sends to your security
appliance for authentication.
- External, No auth with accept button: Allows users to access the
wireless network without entering a user name and password. If you
choose this option, a web passthrough window is prompted. Click the
Accept button to access the network without the user name and
password.
• Redirected URL After Login: If you want the wireless users to be directed
to a particular URL (such as the URL for your company) after login, enter the
desired URL (such as www.AcompanyBC.com) in this field. If you do not
specify the portal (keep it blank), the wireless user can access the original
web site directly.