Cipafilter Support:
309 517 2022 option 2
Mon - Fri 7 AM - 6 PM CT
Cipafilter Documentation - Portal
Posted by Jim Giseburt, Last modified by Jim Giseburt on 09 May 2017 05:17 PM

The Cipafilter portal is a Web site that acts as a central point for Web-based authentication and SSL certificate installation. It can be accessed manually from any client which is proxying through the Cipafilter via; some users may also be redirected to the portal automatically (for authentication or other purposes) depending on the settings specified on the Web Filtering page.

The latter feature is particularly useful for mobile devices accessing the network through an organization's "BYOD" (bring your own device) policy — by enabling the portal for these devices, you can ensure that mobile users are aware of your network usage policy and the need to trust your Cipafilter's root CA for an optimal experience when SSL decryption is enabled.

By default, a user logging into the portal will authenticate that user's IP address for 12 hours. This time-out period can be adjusted from the Authentication section of the Web Filtering page, or within the group configuration sections of the Group Permissions page.

Authentication is a key aspect of the portal system, but it is not required — by enabling guest access (via the Require / Guest authentication mode), administrators can force users to the portal without actually requiring them to authenticate. This is useful if, for example, it is desired to show the network usage policy to all users.

The portal also provides an easy way for authorized personnel to re-authenticate with another account; this can be helpful if, for example, a teacher needs to use a computer which would otherwise be filtered according to the student policy.

Because clients are authorized by IP address, one user's authentication state can, in some configurations, carry over for the next user who accesses the same machine. One way to prevent this is to use the following log-out URL in a log-on script or as the client's default browser home page:

This URL immediately deauthorizes the client and then redirects the browser to the Web site specified by the optional request variable (, in this example).

Lastly, the portal's SSL guides (available at provide detailed instructions for end users to trust the Cipafilter root CA, when one has been generated. The portal automatically detects the user's browser/platform and displays the appropriate guide.

(0 vote(s))
Not helpful

Comments (0)
©Cipafilter 2017. All Rights Reserved.