Replacement Message Groups
Go to System > Replacement Message Groups to configure custom replacement message groups.
To create a custom replacement message group in the GUI:
-
Click Create New.
-
In the Name field, enter a name for the custom replacement message group.
-
In the Comments field, enter an optional description of the custom replacement message group.
-
Select Security or Authentication.
-
Click OK.
To create a custom replacement message group in the CLI:
config system replacemsg-group
edit <name>
set comment <string>
set group-type {utm | auth}
config {webproxy | auth}
edit <msg-type>
set buffer <string>
set header {none | http | 8bit}
set format {none | text | html}
next
end
next
end
Custom ZTNA virtual host replacement message
Custom messages can be configured for each ZTNA virtual host, to be shown when verification fails. The ZTNA detail tag (%%ZTNA_DETAIL_TAG%%) can be included to show the reason for the verification failure.
To use a custom replacement message:
-
Configure a replacement message group that includes the ZTNA detail tag in the message:
config system replacemsg-group edit "test-vhost" set comment '' set group-type utm config webproxy edit "ztna-block" set buffer "This is a test message: %%ZTNA_DETAIL_TAG%%" set header http set format html next end next end -
Apply the replacement message group to a virtual host:
config firewall access-proxy-virtual-host edit "test" set host "10.1.200.102" set replacemsg-group "test-vhost" next end