Users and authentication, Setting authentication time out, Adding user names and configuring authentication – D-Link DFL-500 User Manual

DFL-500 User Manual

43

Users and authentication

DFL-500 NPGs support user authentication to the DFL-500 user database or to a RADIUS server. You can
add user names to the DFL-500 user database and then add a password to allow the user to authenticate
using the internal database. You can also add the name of a RADIUS server and select RADIUS to allow the
user to authenticate using the selected RADIUS server. You can also disable users so that they cannot
authenticate with the DFL-500 NPG.

To enable authentication, you must add user names to one or more user groups. You can also add RADIUS
servers to user groups. You can then select a user group when you require authentication.

You can require authentication for:

• any firewall policy with Action set to ACCEPT (see

Adding NAT/Route mode policies

and

Adding

NAT/Route mode policies

)

• IPSec dialup remote gateways (see

Adding a remote gateway

)

• PPTP (see

PPTP VPN configuration

)

• L2TP (see

L2TP VPN configuration

)

When a user enters a user name and password, the DFL-500 NPG searches the internal user database for a
matching user name. If Disable is selected for that user name, the user cannot authenticate and the
connection is dropped. If Password is selected for that user and the password matches, the connection is
allowed. If the password does not match, the connection is dropped.

If RADIUS is selected and RADIUS support is configured and the user name and password match a user
name and password on the RADIUS server, the connection is allowed. If the user name and password do not
match a user name and password on the RADIUS server, the connection is dropped.

This chapter describes:

•

Setting authentication time out

•

Adding user names and configuring authentication

•

Configuring RADIUS support

•

Configuring user groups

Setting authentication time out

To set authentication time out using the web-based manager:

• Go to System > Config > Options .
• Set Auth Timeout to control how long authenticated firewall connections can remain idle before users

must authenticate again to get access through the firewall.
The default authentication time out is 15 minutes.

Adding user names and configuring authentication

Use the following procedures to add user names and configure authentication.

This section describes:

•

Adding user names and configuring authentication

•

Deleting user names from the internal database

Adding user names and configuring authentication

• Go to User > Local .