Screen OS

How are you? I have a SSG5. Internet users have DHCP. My question is:

Does SSG5 can generate certificates for users before you can enter online?

Thank you very much for your support.

I'm not sure I understand your question.  The SSG is a firewall not a CA (Certificate Authority) so it will not be issue certificates to anything.  But since you are asking about the SSG allowing computers to go 0nline I suspect I am missing your real question.

Are you looking for a way to have authorization to use the internet?

Exactly, I'm looking for a way to authorize Internet service. I probably did not explain my question.

Thank you very much for your time in reading my post

Web auth

For setting up a basic user/password to allow web access you would use the "web auth" function.   This is covered in the Concepts & Examples guide Volume 9 User Authentication.  See page 67 and following for the sample configurations using internal and external user groups.

http://www.juniper.net/techpubs/software/screenos/screenos6.2.0/index.html

This is the sample for internal users from the manual.

CLI
1. WebAuth
set webauth server Local
set interface ethernet1 webauth-ip 10.1.1.50
set interface ethernet1 webauth
set auth-server Local timeout 30

2. User Group
set user-group auth_grp3 location local
Use the following command to add auth users to the user group you have just
created:
set user-group auth_grp3 user name_str

3. Policy
set policy top from trust to untrust any any any permit webauth user-group
auth_grp3
save

NOTE: The security device determines a local user group type by the type of members that you add to it. To make auth_grp3 an auth user group, add an auth user to the group.

-------
There are also options for subscription services for web filtering and internal white and black lists if that is of interest.

Perfect. It's what I'm looking for. I'll read the documentation that you provide to me.

Thank you very much.