Associate Identity and decryption policies with the access control policy

Associate the identity policy and TLS/SSL Decrypt - Resign rule with your access control policy to enable captive portal authentication.

This part of the procedure discusses how to associate the identity policy and TLS/SSL Decrypt - Resign rule with the access control policy you created earlier. After this, users can authenticate using the captive portal.

For an overview of the entire captive portal configuration, see Configure the captive portal for user control.

Procedure

Step 1	Click Policies > Security policies > Access Control and edit the access control policy you created as discussed in Create a TCP port access control rule. If View () appears instead, the configuration belongs to an ancestor domain, or you do not have permission to modify the configuration.
Step 2	Either create a new access control policy or edit an existing policy.
Step 3	At the top of the page, click the word Identity.
Step 4	From the list, choose the name of your identity policy and, at the top of the page, click Save.
Step 5	Repeat the preceding steps to associate your captive portal decryption policy with the access control policy.
Step 6	If you haven't done so already, target the policy at managed devices as discussed in Assigning devices to an access control policy.

What to do next

Deploy your identity and access control policies to managed devices as discussed in Deploy Configuration Changes.
Monitor user activity .