How to create and implement guest authentication to keep track of guest users gaining access to network

Article ID: 166357


Products

ProxySG Software - SGOS

Issue/Introduction

How to create form authentication for guest users?

How to track guest users accessing a wireless network?

Resolution

1) Create a Local Realm with user and password:

   ProxySG Management Console -> Configuration tab -> Authentication -> Local -> Local Realms -> New button (create a new realm).
   Then go to Configuration tab -> Authentication -> Local -> Local Main tab -> set the options according to the requirement.

2) Create a guest group and add a guest user to the list via the Command Line Interface (CLI). The commands and procedure are as follows:

   a) Access the CLI using PuTTY or a similar tool and enter enable mode:

      #conf t
      #(config) security local-user-list create MCaccesslist

      Note that any name can be given; it does not need to be MCaccesslist.

   b) Add the guest group to the list. Add a group before creating a guest user that is to be a member of that group. Group and user names are case sensitive. The following is the process of creating the guest group and user.

      #(config) security local-user-list edit MCaccesslist
      #(config local-user-list MCaccesslist) group create guestaccess
      #(config local-user-list MCaccesslist) user create guest
      #(config local-user-list MCaccesslist) user edit guest
      #(config local-user-list MCaccesslist guest) password bestpasswordever
      #(config local-user-list MCaccesslist guest) exit

      In this example, guestaccess is the name of the group, guest is the name of the user, and bestpasswordever is the password. Any group name, user name, or password may be specified instead.

3) Create an authentication form. An example, Authentication_form, looks similar to the following:
<HTML>
<HEAD>
<TITLE>Enter Proxy Credentials for Realm $(cs-realm)</TITLE>
</HEAD>
<BODY>
<H1>Enter Proxy Credentials for Realm $(cs-realm)</H1>
<P>Reason for challenge: $(exception.last_error)
<P>$(x-auth-challenge-string)
<FORM METHOD="POST" ACTION=$(x-cs-auth-form-action-url)>
$(x-cs-auth-form-domain-field)
<P>Username: <INPUT NAME="PROXY_SG_USERNAME" MAXLENGTH="64"
VALUE=$(cs-username)></P>
<P>Password: <INPUT TYPE=PASSWORD NAME="PROXY_SG_PASSWORD"
MAXLENGTH="64"></P>
<INPUT TYPE=HIDDEN NAME="PROXY_SG_REQUEST_ID" VALUE=$(x-cs-authrequest-id)>
<INPUT TYPE=HIDDEN NAME="PROXY_SG_PRIVATE_CHALLENGE_STATE"
VALUE=$(x-auth-private-challenge-state)>
<P><INPUT TYPE=SUBMIT VALUE="Submit"> <INPUT TYPE=RESET></P>
</FORM>
<P>$(exception.contact)
</BODY>
</HTML>
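
When this form is restyled for guests, a check like the following catches markup changes that break sign-in or weaken it. This is an added example, not Broadcom's code: it assumes the inputs and substitutions in the sample form above are the ones a customized form must keep, and `REQUIRED`, `FormScan`, `check_auth_form` and `SAMPLE` are names invented here.

```python
from html.parser import HTMLParser

REQUIRED = {  # assumption: the inputs (and attributes) this page's sample form carries
    "PROXY_SG_USERNAME": {},
    "PROXY_SG_PASSWORD": {"type": "password"},
    "PROXY_SG_REQUEST_ID": {"type": "hidden", "value": "$(x-cs-authrequest-id)"},
    "PROXY_SG_PRIVATE_CHALLENGE_STATE": {
        "type": "hidden", "value": "$(x-auth-private-challenge-state)"},
}

class FormScan(HTMLParser):
    def __init__(self):
        super().__init__()
        self.forms, self.inputs, self.in_form = [], {}, False
    def handle_starttag(self, tag, attrs):
        attrs = {k: v or "" for k, v in attrs}
        if tag == "form":
            self.forms.append(attrs)
            self.in_form = True
        elif tag == "input" and self.in_form and attrs.get("name"):
            self.inputs[attrs["name"]] = attrs  # only inputs inside <form> are sent
    def handle_endtag(self, tag):
        self.in_form = self.in_form and tag != "form"

def check_auth_form(html):
    """Return a list of problems; an empty list means the form passed."""
    scan = FormScan()
    scan.feed(html)
    form, problems = (scan.forms or [{}])[0], []  # no <form> fails every check
    if form.get("method", "").upper() != "POST":  # a missing METHOD means GET
        problems.append("METHOD is not POST: credentials would go in the URL")
    if form.get("action") != "$(x-cs-auth-form-action-url)":
        problems.append("ACTION is not $(x-cs-auth-form-action-url)")
    for name, want in REQUIRED.items():
        field = scan.inputs.get(name)
        if field is None:
            problems.append(f"missing input {name} inside the form")
        problems += [f"{name} needs {a.upper()}={v}" for a, v in want.items()
                     if field is not None and field.get(a, "").lower() != v]
    return problems

# Constructed sample: the form on this page reduced to its <FORM> element.
SAMPLE = """<FORM METHOD="POST" ACTION=$(x-cs-auth-form-action-url)>
<INPUT NAME="PROXY_SG_USERNAME" MAXLENGTH="64" VALUE=$(cs-username)>
<INPUT TYPE=PASSWORD NAME="PROXY_SG_PASSWORD" MAXLENGTH="64">
<INPUT TYPE=HIDDEN NAME="PROXY_SG_REQUEST_ID" VALUE=$(x-cs-authrequest-id)>
<INPUT TYPE=HIDDEN NAME="PROXY_SG_PRIVATE_CHALLENGE_STATE" VALUE=$(x-auth-private-challenge-state)>
</FORM>"""
print(check_auth_form(SAMPLE) or "form OK")
```
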
 
4) Create an Authentication Rule that uses form-ip and not form-cookie as follows:

   a) In Visual Policy Manager (VPM), create a Web Authentication Layer.
   b) Add a Rule in the Layer as: Source Any, Destination Any, then right-click Action and click Set... The Set Action Object dialog displays.
   c) Click the New... button and select Authenticate... from the drop-down list. The Add Authenticate Object dialog displays.
   d) Name the Object, set the Realm to the one created in step 1, set the Mode to Form IP, set the Authentication Form to the one created in step 3, and click OK.

5) Allow authenticated users to access the Internet.