Creating an authentication database – Amer Networks E5Web GUI User Manual

If the Network behind user option is specified then this is the metric that will be used with
the route that is automatically added by cOS Core. If there are two routes which give a match
for the same network then this metric decides which should be used.

Note: Other authentication sources do not have the PPTP/L2TP
option

Specifying an SSH Public Key

With PPTP/L2TP clients, using a key is often an alternative to specifying a username and
password. A private key can be specified for a local database user by selecting a previously
uploaded cOS Core SSH Client Key object.

When the user connects, there is an automatic checking of the keys used by the client to verify
their identity. Once verified, there is no need for the user to input their username and password.

To make use of this feature, the relevant SSH Client Key object or objects must first be defined
separately in cOS Core. Client keys are found as an object type within Key Ring in the Web
Interface or InControl. Definition requires the uploading of the public key file for the key pair
used by the client.

Example 8.1. Creating an Authentication Database

This example shows how to create a new user database called lan_users and how to add a new
username myusername that belongs to the group lan_group and has the password
myuserpassword.

Command-Line Interface

First, create a new user database:

Device:/> add LocalUserDatabase lan_users

Next, change the CLI context to be this new database:

Device:/> cc lan_users

Now, add a user to this database:

Device:/lan_users> add User myusername

Password=myuserpassword
Groups=lan_group

After adding any additional users, change the context back to the default:

Device:/lan_users> cc
Device:/>

InControl

Follow the same steps used for the Web Interface below.

Chapter 8: User Authentication

524