282
Configuring user groups
You can add hosts in a LAN to a user group and perform access control, application control, bandwidth
control, and packet filtering on a per user group basis.
• Access control—Allows you to deny access from hosts during specific time ranges. All data packets
matching these criteria will be denied access to the Internet.
• Application control—Allows you to restrict access to a specific application or protocol (such as
Telnet, DNS, SIP, and HTTP) on the Internet from users in a user group. You can perform application
control based on a user group or all users. For more information about application control, see
"Configuring application control."
• Bandwidth control—Allows you to control the bandwidth consumption based on user group. It
evaluates traffic with token buckets and drops unqualified packets.
• Packet filtering—Allows you to filter packets that match specific criteria such as the protocol,
destination IP address, source port, and destination port on a per user group basis.
User group configuration task list
Perform the tasks in Table 130 to configure user groups.
Table 130 User group configuration task list
Task Remarks
Configuring a user group
Required.
By default, no user groups are configured.
Configuring a user
Required.
Add users to the user group.
By default, a user group has no users.
Configuring access control
Required.
Use at least one of the approaches.
By default, a user group has no service configured.
Configuring application control
Configuring bandwidth control
Configuring packet filtering
Synchronizing user group
configuration for wan interfaces
Optional.
If a WAN interface is added or a non-WAN interface becomes a
WAN interface after the user or user group is configured, you must
synchronize the user group configuration to the WAN interface.
IMPORTANT:
Make sure at least one user group exists in the system before
synchronization.
To Next Page
Loading...
Need help?
General
