Configuring authentication policies, Configuring local authentication, Configuring radius authentication – H3C Technologies H3C SecPath F1000-E User Manual

Page 379

Advertising
background image

367

Table 50 Configuration items

Item Description

Title

Enter a name for the bulletin.

Content

Enter the contents of the bulletin.

Selected User Groups

Select the user groups that can view the bulletin.

Available User Groups

Configuring authentication policies

SSL VPN supports local authentication, RADIUS authentication, LDAP authentication, AD authentication,

and combined authentication of any two of the previous four authentication methods.
Local authentication, LDAP authentication, and AD authentication each supports three authentication
policies:

Password—Authenticates only a user’s password.

Password+Certificate—Authenticates a user’s password and client certificate.

Certificate—Authenticates only a user’s client certificate.

RADIUS authentication supports only two authentication policies: password and password+certificate.

Configuring local authentication

Local authentication authenticates users by using the user information saved on the SSL VPN gateway.

This authentication method is the fastest because user information is locally saved, and the SSL VPN

gateway does not need to exchange information with an external authentication server. However, the
number of local users is limited by the capacity of the SSL VPN gateway.
Select VPN > SSL VPN > Domain Management > Authentication Policy from the navigation tree. The

Local Authentication tab appears, as shown in

Figure 251

.

Figure 251 Local authentication

Table 51 Configuration item

Item Description

Authentication Policy

Select an authentication policy for local authentication. Options include Password,
Password+Certificate, and Certificate.

Configuring RADIUS authentication

The Remote Authentication Dial-In User Service (RADIUS) protocol is a distributed, client/server mode
information exchange protocol for protecting networks against unauthorized access. It is usually

deployed in networks that require secure remote access. The SSL VPN system can cooperate with the

existing RADIUS server of an enterprise seamlessly to provide RADIUS authentication. Users in the

enterprise can use their original accounts for RADIUS authentication through SSL VPN.

Advertising
This manual is related to the following products:

H3C SecPath F5000-A5 Firewall, H3C SecPath F1000-A-EI, H3C SecPath F1000-E-SI, H3C SecPath F1000-S-AI, H3C SecPath F5000-S Firewall, H3C SecPath F5000-C Firewall, H3C SecPath F100-C-SI, H3C SecPath F1000-C-SI, H3C SecPath F100-A-SI, H3C SecBlade FW Cards, H3C SecBlade FW Enhanced Cards, H3C SecPath U200-A U200-M U200-S, H3C SecPath U200-CA U200-CM U200-CS

Popular Brands
Popular manuals