[IAG] After enabling direct access, the authentication interface will still pop up when opening an HTTPS website
Problem Description
When troubleshooting Internet access, after enabling data direct access, it was found that the website opened with https would still redirect to the IAG authentication interface.
Process——
- Check whether the direct pass is enabled correctly. If the direct pass is normal and the direct pass prompts the user that the authentication packet is lost, it means that the direct pass is enabled normally and there is no problem.
- There is no problem opening the http website and it can be opened normally. However, when you open the https website, you will be redirected to the device authentication interface.
- After checking the configuration, I found that the option "Redirect to the authentication page when HTTPS request fails authentication" was checked, and the authentication method selected was password authentication.
757795c022c9660d77.png (4.47 KB) - For IAG devices with versions below 12.0.5, if the https redirection to the authentication interface function is enabled, even if data direct access is enabled, the https website will still be redirected to the authentication interface.
- Remove the check mark for redirecting https to the authentication interface or change the password authentication method to one that does not require authentication.
solution
There are two solutions: 1. Upgrade to version 12.0.5 to solve the problem. 2. Temporarily remove https redirection or change the password authentication method to not require authentication.
Original Link
https://support.sangfor.com.cn/cases/list?product_id=22&type=1&category_id=6642&isOpen=true