Configuring the caching policy – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 924
903
Item Description
Enable separate
client
Select this item to enable the separate client function.
After a user logs in to SSL VPN, the SSL VPN client automatically runs. With separate
client enabled, the system automatically closes the SSL VPN Web interface, leaving the
client software running alone.
Enable MAC address
binding
Select this item to enable MAC address binding.
With MAC address binding enabled, the SSL VPN system obtains the MAC address of
a user when the user logs in, for user identity authentication or MAC address learning.
Enable automatic
login
Select this item to enable automatic login.
With automatic login enabled, when a user enters the SSL VPN login page, the system
will automatically log the user in by using the guest account or the certificate account,
depending on the authentication mode specified in the default authentication method.
•
When the authentication mode is password, the system uses the guest account for
automatic login.
•
When the authentication mode is certificate, the system uses the username carried in
the client certificate for automatic login.
•
When the authentication mode is password+certificate, the system uses the guest
account for automatic login and requires that the user have the client certificate for
the guest account.
User Timeout
Set an idle timeout for users.
If a login user does not perform any operation during this period, the system logs out
the user.
Default
Authentication
Method
Select the default authentication method used on the SSL VPN login page.
IMPORTANT:
To specify an authentication method other than local authentication as the default
authentication method, you must also enable the authentication method. See
"
Configuring authentication policies
."
Certificate's
Username Field
Select the certificate field to be used as the username when the authentication mode is
certificate. Options include the Common-Name filed and the Email-Address field.
Verify Code Timeout
Set a timeout for the verification code displayed on the SSL VPN login page. If a user
does not enter the displayed verification code in this period, the verification code
becomes invalid. The user can refresh the login page to get a new verification code.
Configuring the caching policy
1.
Select SSL VPN > Configure Basic Settings from the navigation tree.
2.
Click the Caching Policy tab.
The caching policy configuration page appears, as shown in
3.
Select the operations to be done on a user host when the user logs out.
Downloaded programs refer to the SSL VPN client software that was automatically downloaded
and run when the users logged in to the SSL VPN system.
Configuration files refer to the configuration file that was automatically saved when a user
changed the settings of the SSL VPN client software, if any.
4.
Click Apply.