Users and authentication
To enable authentication, you must add user names to one or more user groups. You can also add RADIUS servers to user groups. You can then select a user group when you require authentication.
You can require authentication for:
•any firewall policy with Action set to ACCEPT (see Adding NAT/Route mode policies and Adding NAT/Route mode policies)
•IPSec dialup remote gateways (see Adding a remote gateway)
•PPTP (see PPTP VPN configuration)
•L2TP (see L2TP VPN configuration)
When a user enters a user name and password, the
If RADIUS is selected and RADIUS support is configured and the user name and password match a user name and password on the RADIUS server, the connection is allowed. If the user name and password do not match a user name and password on the RADIUS server, the connection is dropped.
This chapter describes:
•Setting authentication time out
•Adding user names and configuring authentication
•Configuring RADIUS support
•Configuring user groups
Setting authentication time out
To set authentication time out using the
•Go to System > Config > Options .
•Set Auth Timeout to control how long authenticated firewall connections can remain idle before users must authenticate again to get access through the firewall.
The default authentication time out is 15 minutes.
Adding user names and configuring authentication
Use the following procedures to add user names and configure authentication.
This section describes:
•Adding user names and configuring authentication
•Deleting user names from the internal database
Adding user names and configuring authentication
•Go to User > Local .
43 | |
|
