Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Setting ScreenOS Authentication Options Using Banners Overview

 

You can customize the message that appears when a device user logs on to the security device through Telnet, FTP, HTTP, or WebAuth. This message, called a banner, provides confirmation to device users to let them know the status of the connection. Default banners already exist, but you can write a new message to suit your needs. You can use different banners for each protocol.

Note

To configure the Telnet, SSH, or console connection banner, see Configuring CLI Banners in NSM Overview.

To configure a protocol banner, select the protocol tab and edit the default Telnet, FTP, and HTTP messages as described in Table 1.

Table 1: Protocol Banner Settings

Protocol Banner Settings

Your Action

Attempted Logins

Enter a new message or edit the existing default message in the Login text box. Device users receive this message when they are prompted for their authentication credentials.

Successful Logins

Enter a new message or edit the existing default message in the Success text box. Device users receive this message after their credentials have been authenticated and a connection has been established.

Failed Logins

Enter a new message or edit the existing default message in the Fail text box. Device users receive this message when authentication fails or when the device user is not authorized to access the device.

To configure the WebAuth banner, select the WebAuth tab and enter a new message (or edit the existing default message in the Success text box. This message is provided to auth user when their WebAuth credentials have been authenticated and a connection has been established. The message appears at the top of a Web browser screen, after an auth user has successfully logged on to a WebAuth address. Typically, the message informs the user that the authentication was successful, but you can enter any message you want, up to a maximum of 220 characters.

Banners are optional; you are not required to configure banners for the security device.

Note

Device administrators can create login banners for console, telnet, and secondary connections.