WatchGuard Technologies SSL VPN manual Creating User Groups, To create a local user group

Creating User Groups

Group resources include:

•Network resources that define the networks to which clients can connect.

•Application policies that define the applications users can use when connected. In addition to selecting the application, you can further define which networks the application has access to and if any end point policies need to be met when connecting.

•File share resources that define which file shares the user can connect to when logged on in kiosk mode.

•Kiosk resources that defines how the user can log on, the Web address the user needs, and which file shares and applications the user can use when logged on.

•End point resources and policies that define the required and option parameters that must be on the user’s computer when logging on.

If a user belongs to more than one group, group policies are applied to the user based on the group pri- orities set on the Group Priority tab, as described in “Setting the Priority of Groups” on page 106.

Creating User Groups

User groups are created on the Access Policy Manager tab. Multiple user groups can be created and configured. When a new group is created, the properties page appears that allows you to configure the settings for the group. You can also add local groups that are not related to groups on authentication serv- ers. After the settings are complete, resources can be added to the group.

Note

If you create a user group that has more than 127 characters and then delete that user group, it still appears on the Group Priority tab after deletion. To resolve this problem, user group names should have fewer than 127 characters. Any characters over this limit are truncated.

To create a local user group

1Click the Access Policy Manager tab.

2In the left pane, right-click User Groups and then click New Group.

3In Group Name, type a descriptive name for the group, such as “Temp Employees” or “accounting”

and then click OK.

A dialog box for the added group appears.

Note

If you want the group’s properties to be used for authentication obtained from authentication servers, the group name must match the authentication server group name, including case and use of spaces.

4To configure the group, see “Configuring Properties for a User Group” on page 90.

To remove a user group

On the Access Policy Manager tab, in the left-pane, right-click a group and then click Delete.