Web Auth

We are currently setting up a USG110 for a client and they want all of their users to have to be authentication through SSO back to Windows AD, as only certain users are allowed Internet access. We have configured this and is currently being checked.

However, what we also need to be able to do is have all users allowed access to Office 365 services WITHOUT having to authenticate. We were able to do this on their previous Sonicwall but I can't see an obvious way to achieve this with the USG110. If anyone has done this would really appreciate some pointers.


All Replies

  • Daniel_LUDaniel_LU Member, SecuReporterBeta Posts: 16  Freshman Member
    edited July 11, 2018 11:45PM
    you can do this: Configuration--->UTM Profile--->Content Filter--->ADD--->Custom Service---->check "Enable custom service", check "Allow web traffic for trusted web site only", if you want check "Check common trusted/forbidden List".

    Create rule in "Policy control"

  • rob_jptrob_jpt Member Posts: 2
    Hi @Daniel_LU,

    Thanks for the info! In doing that, would that also allow services such as exchange, Skype for Business etc through or would it just be web traffic?

  • Daniel_LUDaniel_LU Member, SecuReporterBeta Posts: 16  Freshman Member
    For skype there is the service "App Patrol". In this section, you can block or allow or reject apps.

    You can even customize it.

  • Zyxel_StanleyZyxel_Stanley Zyxel Official Agent Posts: 717  mod
    Welcome to Zyxel community.:)

    According your requirement, you can add a FQDN addressed rule and let this rule to bypass the authentication.
    To achieve this, you need to add the URLs into WebAuth policy, and set the authentication method to “unnecessary”
    Then all users can access to the FQDN sites(Office 365 sites in this example)  without authentication.

Sign In to comment.