62
• Password+Certificate—Authenticates a user's password and client certificate.
• Certificate—Authenticates only a user's client certificate.
RADIUS authentication supports only two authentication policies: password and
password+certificate.
Configuring local authentication
Local authentication authenticates users by using the user information saved on the SSL VPN
gateway. This authentication method is the fastest because user information is locally saved, and the
SSL VPN gateway does not need to exchange information with an external authentication server.
However, the number of local users is limited by the capacity of the SSL VPN gateway.
1. Select VPN > SSL VPN > Domain Management > Authentication Policy from the navigation
tree. The Local Authentication tab appears.
Figure 428 Local authentication
2. Select an authentication mode for local authentication. Options include Password,
Password+Certificate, and Certificate.
3. Click Apply.
Configuring RADIUS authentication
The RADIUS protocol is a distributed, client/server mode information exchange protocol for
protecting networks against unauthorized access. It is usually deployed in networks that require
secure remote access. The SSL VPN system can cooperate with the existing RADIUS server of an
enterprise seamlessly to provide RADIUS authentication. Users in the enterprise can use their
original accounts for RADIUS authentication through SSL VPN.
To enable RADIUS authentication in the SSL VPN system, navigate to Advanced > RADIUS page to
configure a RADIUS scheme named system. For more configuration information, see "Configuring
RADIUS."
For successful RADIUS authentication of a user, you must also configure the account information
and the user group attribute information for the user on the RADIUS authentication server, and make
sure the user groups configured on the RADIUS authentication server exist on the SSL VPN gateway.
Otherwise, the user cannot log in. The number of user groups that the gateway supports for a user
has a limit. Make sure the number of user groups specified for a user on the authentication server is
equal to or less than the limit.
1. Select VPN > SSL VPN > Domain Management > Authentication Policy from the navigation
tree.
2. Click the RADIUS Authentication tab to enter the RADIUS authentication configuration page.
Figure 429 RADIUS authentication
To Next Page
Loading...
Need help?
General
