Cyberoam Knowledge Base


Advanced Search

Table of Contents

. . . . . . . . . . . . .

What's New

Knowledge Base Information

Cyberoam UTM

Product Literature

Best Practices & Policies

Protect Your Cyberoam Appliances from Power Fluctuations

Configure Guest User Authentication

Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication

Push NTLM Settings in Internet Explorer Through GPO in Windows Server 2008

Install Novell eDirectory Compatible CTAS

Integrate Cyberoam with RSA SecurID as a RADIUS Client

Allow Specific Websites without Authentication

Configure NTLM Support in Web Browsers

Configure NTLM in Cyberoam

Configure Cyberoam to use RADIUS Server for Authentication

Customize a Denied Message on Cyberoam Appliance

Integrate Cyberoam with LDAP

Serve a Denied page instead of Captive Portal for unauthenticated users

Implement Clientless SSO Authentication in Multiple Active Directory Domain Controller

Assign Group Membership to Users in case of Tight Integration with Active Directory

Integrate with Active Directory

Implement Clientless SSO Authentication in Single AD Domain Controller Environment

Implement SSO Authentication with AD

Import AD Groups

Implement Single Sign on Authentication with Active Directory Integration with Non-English version of Windows

Serve a Denied Page with Captive Portal Link for Unauthenticated Users

Clients

Content Filtering

Firewall

Identity-based Policies

IPS

Logs & Reports

Multiple Gateway - Load Balancing and Failover

Quality of Service (QoS)

Web Application Firewall (WAF)

Wireless LAN

Configure Wireless WAN

TroubleShooting

Visio Stencils

Glossary

Product Technical Support

Compatibility

Cyberoam Virtual UTM

Endpoint Data Protection

Cyberoam SSL VPN

Cyberoam iView

Cyberoam Central Console

Cyberoam's On-Cloud Management Service

Allow Specific Websites without Authentication

Applicable Version: 10.00 onwards

Overview

This article describes how we can allow users to access specific websites even though they are not authenticated.

Requirement

Allow unauthenticated users access to specific websites, namely, www.cyberoam.com and www.elitecore.com. The user should not be able to access anything else apart from the mentioned websites without getting authenticated.

Solution

You can allow unauthenticated users to access only the websites mentioned above by following the steps given below.

Step 1: Create Custom Web Category

Go to Web Filter à Category à Category and click Add to create a new Web Category using the parameters given below.

Parameter Description

Parameter	Value	Description
Name	AllowedWebsites	Name to identify the Category.
Classification	Productive	Specify how the category is classified. Available options: - Productive - Non-Working - Neutral - Unhealthy
QoS Policy	None	Specify QoS policy to be applied on the category
Domain/Keyword	www.elitecore.com, www.cyberoam.com	Domain: Mention the domain(s) which are to be blocked/allowed. Keyword: You can also mention keywords. Any URL containing those keywords is blocked/allowed.

Click OK to create the web category.

Step 2: Create Web Filter Policy

Go to Web Filter à Policy à Policy and click Add to create a policy using following parameters.

Parameter Description

Parameter	Value	Description
Name	Allow_Websites	Name to identify the Policy.
Template	Deny All	Select a template if you want to create a new policy based on an existing policy.
Download File Size Restriction	0	User will not be allowed to download file greater than the configured size.

Click OK to create the web filter policy.

Step 3: Add Web Filter Policy Rule

Select the policy Allow_Websites to create rule for the policy.

Click Add to add a new rule using the parameters given below.

Parameter Description

Parameter	Value	Description
Category Type	Web Category	Select Category Type for which the rule is to be added. Available options: - Web Category - File Type Category - URL Group - Dynamic Category
Category	AllowedWebsites	You can also search the category name from the search text box provided.
HTTP Action HTTPS Action	Allow	Select HTTP and HTTPS action.
Schedule	All the time	Select the Schedule for categories selected.

Click OK to add the rule.

Step 4: Configure LAN_WAN_AnyTraffic Rule

Since the LAN_WAN_AnyTraffic Rule is set to drop all unauthenticated traffic, you have to configure it to allow specifically the two mentioned sites.

To configure the rule, follow the steps below.

Go to Firewall à Rule à Rule and select LAN_WAN_AnyTraffic to configure it.

Under the Security Policies section, select Web Filter as Allow_Websites.

Click OK to apply the changes.

The above configuration allows unauthenticated users to access only www.elitecore.com and www.cyberoam.com. All the rest requires authentication.

Document Version: 1.0 – 28/04/2012

Attachments
	How To â€“ Allow Specific Websites without Authentication.pdf

Article ID: 2281