Configuring authentication policies, Configuring local authentication, Configuring radius authentication – H3C Technologies H3C SecPath F1000-E User Manual
Page 379
367
Table 50 Configuration items
Item Description
Title
Enter a name for the bulletin.
Content
Enter the contents of the bulletin.
Selected User Groups
Select the user groups that can view the bulletin.
Available User Groups
Configuring authentication policies
SSL VPN supports local authentication, RADIUS authentication, LDAP authentication, AD authentication,
and combined authentication of any two of the previous four authentication methods.
Local authentication, LDAP authentication, and AD authentication each supports three authentication
policies:
•
Password—Authenticates only a user’s password.
•
Password+Certificate—Authenticates a user’s password and client certificate.
•
Certificate—Authenticates only a user’s client certificate.
RADIUS authentication supports only two authentication policies: password and password+certificate.
Configuring local authentication
Local authentication authenticates users by using the user information saved on the SSL VPN gateway.
This authentication method is the fastest because user information is locally saved, and the SSL VPN
gateway does not need to exchange information with an external authentication server. However, the
number of local users is limited by the capacity of the SSL VPN gateway.
Select VPN > SSL VPN > Domain Management > Authentication Policy from the navigation tree. The
Local Authentication tab appears, as shown in
Figure 251 Local authentication
Table 51 Configuration item
Item Description
Authentication Policy
Select an authentication policy for local authentication. Options include Password,
Password+Certificate, and Certificate.
Configuring RADIUS authentication
The Remote Authentication Dial-In User Service (RADIUS) protocol is a distributed, client/server mode
information exchange protocol for protecting networks against unauthorized access. It is usually
deployed in networks that require secure remote access. The SSL VPN system can cooperate with the
existing RADIUS server of an enterprise seamlessly to provide RADIUS authentication. Users in the
enterprise can use their original accounts for RADIUS authentication through SSL VPN.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS