XII. Firewall/Security Features

DrayTek Vigor firewalls that support Web Authentication can be configured to require a user to log in before they are permitted to browse the Internet. This can provide a useful way of restricting which users are permitted Internet access.

When a user tries to access a web page using their web browser the router intercepts the request and redirects them to a log-in page that invites them to log in before they are able to access webpages. Once they have logged in they may browse the internet as normal.

If required, computers can be set to by-pass the Web authentication so that they are automatically given access. This is done by using the bind IP to mac function

Web Authentication is setup via [LAN] > [Web Authentication] menu.

Enable "Bypass IP in IP-MAC binding list" if you want computers that are included in the bind IP to mac list to by-pass the Web Authentication.

Account Setting definies how users are authenticated. If you want to use a global account where all uses use the same username / password to log in then select Common Account and enter the ID and password. Alternatively to setup individual accounts for each user select Share vpn remote dial in profile and then setup the user details by clicking on the Account Setting link. The Account Setting uses the same profile as the VPN Dial in users but the VPN services are automatically disabled so adding an account will not automatically allow the user to log in via VPN

The Timeout Setting defines how long the user is kept logged in for

The Welcome Messageis the message that appears to inform the user that they attempt to access the Internet has been blocked and that they are required to log before they are permitted access. This allows the administrator to add come company specific information, for example a warning message, a telephone number or support contact infromation

When a user first attempts to access the Internet the following page will appear:

When they click on the log-in link they are redirected to a page where the user can enter their Login ID and password

If they enter a valid username / password then they are permitted access:

The user is then permitted to access the Internet until they have been logged out. How / when they're logged out depends on the timeout settings set in the Web Authentication setup.If they're logged out (for example due to a idle timeout) then when they try to access the Internet again they would be presented with the login screen.

How do you rate this article?