When USG2100 was set to cooperate with Secospace as SACG, a problem about page push configuration often happened in many offices.
An example is as follow, the parameters could be changed according to cases.
P.S. The configuration is base on cooperation of SACG and Secospace.
1. Configured a certificated url.
right-manager authentication url http://100.100.100.100:8080/WebAuth
2. Set a certificated server, ip address could be chosen the ip address of the port linked with PC (in fact, the ip addresses of other ports also could be chosen).
firewall authentication server http enable
firewall authentication server ip 100.100.100.180
3. Configured the security zone in the port linked with PC.
firewall zone trust
set priority 85
add interface Vlanif1
/* 3000 is the ACL number. Only push the message which match with ACL no.3000 */
firewall authentication session-based 3000 outzone