Why can users on a network segment directly access the internet without being redirected to the authentication page after the user name and password authentication is configured for the network segment?
In versions earlier than SPC600, the
authentication policies of all network segments are non-authentication by
default. If a user sends packets that pass through the device (that is, the
user is online as a non-authentication user) before the authentication policy
of a network segment is set to user name and password authentication, modifying
the authentication policy of the network segment where the user resides does
not force the online user to log out. Therefore, the authentication page is not
pushed to the user.
By default, a user is automatically logged out if the user does not have traffic within 30 minutes. You can also choose Real-Time Status > Online Users to forcibly log out the user. The device pushes the authentication page when the user accesses the Internet again.
For SPC600 and later versions, you can apply the authentication policy to online users and new online users to prevent such problems.