Specify a user-agent value to be used to verify that the user’s browser traffic is HTTP/HTTPS traffic. Firewall authentication checks the value against the User-Agent field in the browser header. For example, the auth-user-agent parameter might specify Opera1 to be verified against the brower’s User-Agent field for a match.
You can use the auth-user-agent parameter alone for pass-through or user-firewall authentication or in conjunction with auth-only-browser.
The auth-only-browser directs firewall authentication to ignore non-browser HTTP/HTTPS traffic to ensure that unauthenticated users using an HTTP/HTTPS browser are authenticated by captive portal before they are granted access to protected resources. It can happen that non-browser HTTP/HTTPS services running in the background can trigger captive portal authentication creating a race condition that suppresses presentation of the captive portal interface to the HTTP/HTTPS browser user.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.