beautypg.com

Advanced policy options, Authentication – Fortinet 100A User Manual

Page 194

background image

194

01-28007-0068-20041203

Fortinet Inc.

Advanced policy options

Firewall

Advanced policy options

Figure 82: Advanced policy options

Authentication

You must add users and a firewall protection profile to a user group before you can
select Authentication. For information about adding and configuring user groups, see

“User group” on page 239

.

Select Authentication and select one or more user groups to require users to enter a
user name and password before the firewall accepts the connection.

Figure 83: Selecting user groups for authentication

You can select Authentication for any service. Users can authenticate with the firewall
using HTTP, Telnet, or FTP. For users to be able to authenticate you must add an
HTTP, Telnet, or FTP policy that is configured for authentication. When users attempt
to connect through the firewall using this policy they are prompted to enter a firewall
username and password.

If you want users to authenticate to use other services (for example POP3 or IMAP)
you can create a service group that includes the services for which you want to
require authentication, as well as HTTP, Telnet, and FTP. Then users could
authenticate with the policy using HTTP, Telnet, or FTP before using the other
service.