HP X Unified Security Platform manual 269

How Local User Authentication Works: RADIUS, Privilege Groups and X.509 Certificates

You may choose to use RADIUS for VPN clients only, or to use it for both User Authentication and VPN Client Access.

STEP 4 In the Radius Server Setup table:

STEP A Type the Server Timeout value (between 1 and 30).

If no response is received from the RADIUS server, this value defines the time in seconds before the X family attempts to reconnect.

STEP B Type the Server Retries value (between 1 and 10).

This defines the number of times the X family will attempt to connect to the

RADIUS server.

STEP 7 Click Apply.

Privilege Groups

Privilege Groups allow you to setup access rights to specific services on the network that can then be enforced Firewall rules.

The types of global privileges that can be enabled for users within a group are:

•VPN client access

•Firewall rule authentication

•Web filter bypass

The Privilege Group is a component of the local user database entries or retrieved from RADIUS via a Vendor Specific Attribute (VSA). (For more information, see “RADIUS” on page 252.) The device supports up to 100 Privilege Groups.

You can manage and configure from the Privilege Groups page. From this page you can:

•View currently configured Privilege Groups

•Delete a Privilege Group

•Create Privilege Groups