Skip to content Skip to main navigation Skip to footer
Wavecrest Knowledge Base

Authentication Manager

How to troubleshoot Web sites that do not authenticate

Category: Administration, Authentication Manager

This applies to CyBlock Software, CyBlock Appliance, and CyBlock Cloud.

If you have troublesome Web applications that fail to authenticate, you can turn off authentication for that specific IP address to determine if it is an authentication problem.

  1. Go to User Management – Authentication.
  2. On the Rules tab, create a rule as follows:
    • For the network definition, select IP Address/Subnet.
    • For the type of authentication, select Disabled.
    • Enter the IP address of the computer that is experiencing an issue.
    • Add the rule.
  3. Try to access the site again.

If the test is successful, that is, you are able to get to the site, the problem is authentication, and you can add the URL to the Bypassed list in the Authentication Manager.

If the test is unsuccessful, the issue is not authentication, but proxying/filtering. Contact Technical Support for assistance.

For CyBlock Cloud, customers will need to contact Technical Support to have troublesome URLs added to the Bypassed list.

 

See also:

How to set up a captive portal

Category: Administration, Authentication Manager

For CyBlock customers, captive portal is available as an alternative to NTLM authentication in CyBlock Software, CyBlock Appliance, and CyBlock Cloud (version 9.1.0). Captive portal requires an account for each user who wants to access the Internet through your network. When a user tries to access a Web site, a browser cookie authentication logon page is displayed that will allow users to create an account or reset their password if forgotten. When entering their credentials, you can require users to agree to the company’s AUP before continuing on.

The steps to set up a captive portal are highlighted below. Be sure to check out the product Help or manual for detailed instructions.

  1. Set up your rules for proxy authentication. Go to User Management – Authentication.

userManagementAuthenticationRules

Note:  The Bypass and Cache tabs are available in CyBlock Software and CyBlock Appliance only.

  1. Define how long the cookie will persist, and specify and preview the details of your cookie authentication logon page. Go to User Management – Authentication and click the Cookie tab.

userManagementAuthenticationCookie

Note:  In CyBlock Appliance and CyBlock Cloud, this tab will be displayed differently.

  1. Ensure that users have an e-mail address entered in Groups and IDs. Go to User Management – Edit Users – Modify.

userManagementEditUsersModify

  1. Set up users’ browsers to allow local addresses to go through the proxy, that is, to not bypass the proxy server.
    • In Internet Explorer, go to Tools – Internet options and click the Connections tab.
    • Click LAN settings.
    • Under Proxy server, ensure that the “Bypass proxy server for local addresses” check box is not selected.
  2. Access a Web site, and the cookie authentication logon page will appear allowing you to create an account.
  3. After creating your account, enter your new password, and you will be redirected to the Web site that you were trying to access.

For additional assistance, please contact Technical Support at (321) 953-5351, Ext. 4 or support@wavecrest.net.

Disappearing entries in Authentication Manager

Category: Administration, Authentication Manager, Proxy Settings

There is a known issue with Authentication Manager in versions prior to 6.8.2e. Adding a new bypass entry appears to delete all other entries. A service restart may alleviate the issue until the next entry is added.

Upgrading to at least version 6.8.3a is recommended (Administration – Product Update).

Note:  A new release with a redesigned user interface and enhanced functionality is available. Get more information on this upgrade at http://www.wavecrest.net/support/announcements.html.

How to bypass authentication requests from specific URLs

Category: Authentication Manager, Proxy Settings

In the CyBlock interface, go to User Management – Authentication and select the Bypass tab¹ ².

  1. Click the green button green button in the upper right-hand corner to add a new bypassed entry.
  2. Enter the applicable URL. Asterisks are accepted as wildcards.
  3. For “User-Agent,” enter an asterisk (*).
  4. Click Add.

Note:  Bypassed traffic does not return a user name, only an IP address. Traffic of this nature is logged under the ID “bypassed”. A report can be run on “bypassed” in order to see the IP addresses.

 

¹ For CyBlock version 9.0.5 and later: User Management – Authentication – Manager. Click Add new bypass entry at the bottom of the Bypassed list.

² For CyBlock version 6.8.3a and earlier: Advanced SettingsProxy SettingsAuthentication Manager. Click Add new bypass entry at the bottom of the Bypassed list.

How to allow LinkedIn while blocking Social Networking

Category: Administration, Authentication Manager, Proxy Settings

LinkedIn is filtered under the Social Networking category. To allow LinkedIn, while continuing to block other Social Networking sites, you can create a custom allowed category.

  1. Navigate to Categorization – Customize – URLs¹.
  2. Select the Custom option, and enter a name for the allowed category.
  3. In the Custom URLs field, add the following entries (including asterisks). Each entry must be on its own line.
    – *.linkedin.com
    – *.licdn.*
  4. Click Submit.

Note:  Custom categories are initially allowed by default, but can be changed to fit certain policies.

 

¹ For CyBlock version 6.8.3a and earlier:

  1. Create a custom category by navigating to Advanced Settings – Category Setup – Custom Categories.
    – Enter a category name and click Submit.
  2. Add URLs to the custom category by navigating to Advanced Settings – Category Setup – Edit URLs.
    – Select your created category and enter the URLs in the Supplemental URLs field.

How to allow iTunes to bypass authentication

Category: Administration, Authentication Manager, Proxy Settings

Users configured to go through the proxy may experience connection issues with iTunes.

To allow iTunes to bypass authentication, two entries need to be added to the Authentication Manager.

  1. Open the CyBlock interface and navigate to User Management – Authentication¹ ².
  2. Select the Bypass tab.
  3. Click the green button green button in the upper right-hand corner to add a new bypassed entry.
    – For “URL or Domain,” enter *.apple.com (with asterisk). For “User-Agent,” enter an asterisk (iTunes/*). Click Add.
  4. Add a second bypassed entry.
    – For “URL or Domain,” enter an asterisk (*). For “User-Agent,” enter iTunes/* (with asterisk).

 

¹ For CyBlock version 9.0.5 and later: User Management – Authentication – Manager. Click Add new bypass entry at the bottom of the Bypassed list.

² For CyBlock version 6.8.3a and earlier: Advanced SettingsProxy SettingsAuthentication Manager. Click Add new bypass entry at the bottom of the Bypassed list.