ADC SG-1 user manual Changing domain authentication settings, Hostconfig# domain-authentication

Changing domain authentication settings

Host(config)# domain-authentication

In a SG-1 system, virtual private tunnels (VPNs) are created upon RADIUS request. The tunneling service is always enabled within the SG-1 (there is no configuration command for turning it on or off). The domain-authentication configuration command is used to enable and disable authentication of the user's domain.

The domain-authentication separator command defines a list of characters that will be regarded as separators within usernames. The SG-1 can then extract the domain name by discarding the portion of the username before the separator. This command also enables the domain authentication process. The valid separators are !, @, #, $, %, and -.

To define @ and # as separators and enable domain authentication, type:

domain-authentication separator @# (then press ENTER).

To turn off the domain authentication process, type:

no domain-authentication (then press ENTER).

Host(config)# authentication web-auth-method

•The authentication web-auth-method command defines the system authentication method to be used in WEB authentication (when authenticating a user via WEB authentication process).

•The system default value is PAP. When configured to its default values the system does not present it in write terminal command.

•The authentication methods are PAP or CHAP. The system should authenticate a WEB authenticated user based on this configuration. When CHAP is configured the system should process all necessary attributes for CHAP authentication (produce challenge, calculate the response based on the challenge and the password and communicate with the RADIUS as defined in the RFC).

Usage:

authentication web-auth-method [<PAP CHAP>]

Parameter(s)

<PAP CHAP>

Set the system WEB authentication method.

PAP – Authenticate the user using PAP

CHAP – Authenticate the user using CHAP