Configuring the caching policy – H3C Technologies H3C SecPath F1000-E User Manual

Page 377

365

Item Description

Enable automatic
login

Select this item to enable automatic login.
With automatic login enabled, when a user enters the SSL VPN login page, the system

will automatically log the user in by using the guest account or the certificate account,
depending on the authentication policy specified in the default authentication method.

•

When the authentication policy is password, the system uses the guest account for

automatic login.

•

When the authentication policy is certificate, the system uses the username carried

in the client certificate for automatic login.

•

When the authentication policy is password+certificate, the system uses the guest

account for automatic login and requires that the user have the client certificate for

the guest account.

User Timeout

Set an idle timeout for users.
If a login user does not perform any operation during this period, the system logs out
the user.

Default
Authentication
Method

Select the default authentication method used on the SSL VPN login page.

IMPORTANT:

To specify an authentication method other than local authentication as the default

authentication method, you must also enable the authentication method (see

Configuring authentication policies

").

Certificate’s
Username Field

Select the certificate field to be used as the username when the authentication policy is
certificate. Options include the Common-Name filed and the Email-Address field.

Verification Code
Timeout

Set a timeout for the verification code displayed on the SSL VPN login page. If a user
does not enter the displayed verification code in this period, the verification code

becomes invalid. The user can refresh the login page to get a new verification code.

Configuring the caching policy

Select VPN > SSL VPN > Domain Management > Basic Configuration from the navigation tree and click
the Caching Policy tab. The caching policy configuration page appears, as shown in

Figure 248

. Select

the operations to be done on a user host when the user logs out.
Downloaded programs refer to the SSL VPN client software that was automatically downloaded and run

when the users logged in to the SSL VPN system.
Configuration files refer to the configuration file that was automatically saved when a user changed the
settings of the SSL VPN client software, if any.

Figure 248 Caching policy

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS