User Management

9

 

Configuring User Authentication Settings

 

 

 

 

 

Using Local Database for User Authentication

Use the local database to authenticate users when the number of users accessing the network is less than 100 users.

The local database verifies the user’s credentials. Only the valid local users are allowed to access the network. For information on configuring local users in the local database, see Configuring Local Users, page 390.

STEP 1 Click Users > User Authentication.

STEP 2 Choose Local Database as the authentication method.

STEP 3 Click Save to apply your settings.

Using RADIUS Server for User Authentication

The security appliance can use RADIUS servers for user authentication for network access. The RADIUS server uses the Framed-Filter-ID attribute to store user and user group information, and checks the user’s credentials by using the Password Authentication Protocol (PAP) authentication scheme.

When a user authenticates, the security appliance verifies the user’s credentials through the RADIUS server. The RADIUS server returns the authentication results to the security appliance. For a valid RADIUS user, the security appliance checks its user group service policy from the local database and permits access. For an invalid RADIUS user, the security appliance blocks access.

STEP 1 Click Users > User Authentication.

STEP 2 Choose RADIUS as the authentication method.

STEP 3 Click Configure to configure the RADIUS settings.

STEP 4 In the Settings tab, choose the RADIUS group for authentication and configure the global timeout and retry settings.

Global RADIUS Settings: Specify the global timeout and retry settings for the selected RADIUS servers:

-RADIUS Server Timeout: Enter the number of seconds that the connection can exist before re-authentication is required. The range is 1-60 seconds. The default value is 3 seconds.

Cisco ISA500 Series Integrated Security Appliances Administration Guide

394

Page 394
Image 394
Casio ISA550WBUN3K9 manual Using Local Database for User Authentication, Using Radius Server for User Authentication