CA - Signed certificate for Guest User Access/Authentication

Guest users are presented with a certificate on redirection to an interface IP

if a self-signed certificate is in use, on the firewall, guest users will be redirected to the interface IP, when connecting to the guest network, and will receive a certificate warning.

Importing a CA signed certificate and redirecting the Interface to the Firewall's Domain Name will ensure that that browser no longer displays a warning message.

To import a signed certificate and redirect the browser to the Firewall's Domain Name the following steps are required:

1. Import a CA signed certificate under Device | settings | Certificates
   
   
   
   
   
   
2. After the firewall has been restarted select the certificate under Device | settings |Administration | Management
   
   
   
   You will then be prompted to restart the firewall again
   
   
   
3. Add the Firewall’s Domain Name under Device | Settings | Administration | Firewall Administrator
   
   
   
   
4. Select its configured domain name under Device | Users | Settings | Web Login
   
   
   
5. Enable DNS Proxy by adding a rule under Policy | Rules and Policies | DNS Rules
   
   
   
6. Add a DNS Proxy Cache Entry under Network | DNS | DNS Proxy | Static DNS Proxy Cache Entries
   
   
   
7. On the Guest DHCP scope add the Guest zone interface IP as the DNS server
   
   
   
8. Enable guest services on the zone