Dear All,

I have 200+ users in my trust zone and internet on untrust zone. i have ic4000 without OAC and i can only use agentless access. i am running 2.0R3. i just want to allow users from Trust to Untrust only after successfully authenticated from UAC

i just want host checker to run and after meeting the required criteria for example notepad must run, user must enter their usernames and passwords in order to authneticate from UAC authentication server ---> Users -->, only after authentication user should be allowed to go to the internet.

Problem 1:

i created 5 users in UAC under authentication server --> users

userA, userB, userC, userD and userE with password abc123.

now when i ran https://10.1.20.10/agentless then host checker runs and asks for username and password, i can login to UAC with any of the username and password, but when i try to login to some other machine, then on that machine it again asks for username and password after host checker runs and now the problem rises, i am unable to login to UAC with any of remaining four users, i can log in to UAC with the same username and password which i am already using on previous machine.

If there is any solution in which i could be able to use UAC as authentication server as well.???

Problem 2:

On firewall which is acting as Enforcer, In the ssg550/140, in the polcy--> advanced ---> authentication, i set the option redirect unauthenticated traffic.

sometimes it redirect any attempted url to UAC and autmatically host checker starts but most of the time it did not redirect then i have to manually access https://10.1.20.10/agentless in order to run host checker.

Problem 3:

Can i use radius server in my scenario which only support agentless access ??? if yes then please explain.

Problem 1 is very critical, please guide me how to use SBR funcationality of UAC in agentless envoirnment.

Its really urgent.

thanks