Edit the following options to define new or edit existing Infranet Controller settings:
Infranet Controller Instance: Enter a friendly or meaningful name within 32 characters to identify the Infranet Controller.
IP/Domain Name: Enter an IPv4 address or the host name of the Infranet Controller.
Port: This is the port communicating with the Infranet Controller. The pre-configured default port is 11122. The solution will not work if you change the default port.
Timeout: Enter a value between 1-10,000 to specify the length of time in seconds for a device to stop contacting a non-responsive Infranet Controller. The default value is 60 seconds.
Redirect URL: If you've configured a redirect infranet-auth policy (see policies > Advanced > Infranet Auth), then enter an URL to redirect HTTP traffic to an Infranet Controller or external webserver through HTTPS.
Enter a URL string with the following format
within double quotes:
“http://<connected Infranet Controller
IP or domain name>/?target=%dest-url%”
For example,
To redirect to an Infranet Controller and forward the protected resource URL, enter:
https://abc.company.com/?target=%dest-url%
To redirect to a webserver and forward the protected resource URL, enter:
https://server1.company.com/cgi-bin/redirect.cgi?target=%dest_url%
The security device replaces the %dest-url% parameter with the user-requested protected resource URL, and then forwards the protected resource URL in encrypted form to the Infranet Controller.
In the Redirect URL string, you can omit the ?target=%dest-url% parameter.
For example,
https://server1.company.com
If you do not include the %dest-url% parameter, the user must manually open a new Web browser window and enter the protected resource URL again after signing in.
Note: If you do not specify the URL, the security device uses the default redirect URL.. The default redirect URL (Infranet Controller) is not displayed.
If you configured your device to work with multiple Infranet Controllers in a cluster, and the current Infranet Controller becomes disconnected, the security device automatically redirects HTTP traffic to the next active Infranet Controller in its configuration list. The security device redirects traffic to only one Infranet Controller at a time.
For more information on using this captive portal feature, see the Unified Access Control Administration Guide.
NACN Parameters
Source Interface: Select the interface that the device uses to communicate with the Infranet Controller. Select vlan1 if your device is operating in Transparent mode (Layer 2).
Password: Enter a string of up to 200 alphanumeric characters. This password is used when the device uses NACN (Netscreen Address Change Notification) to contact the Infranet Controller.
Selected CA: Select the CA from the pull-down menu. To create a CA, go to Objects > Certificates > New.
Cert Subject Name: This is optional. Enter a name field for the Infranet Controller Certificate.
Click OK to save your settings.
June 15, 2006