Configuring combined authentication – H3C Technologies H3C SecPath F1000-E User Manual
Page 383
371
Item Description
Authentication Policy
Select an authentication policy for AD authentication. Options include Password,
Password+Certificate, and Certificate.
Server Recovery Time Set the interval at which the system checks whether the failed AD server recovers.
Admin Username
Set an administrator account. It must be a user account that has the directory search
right in the User directory in the AD domain.
Password
Set a password for the administrator account, and enter the password again to confirm
the password.
Confirm Password
Username Format
Set the username format used to log in to the AD server. Options include Without the
AD domain name, With the AD domain name, and Login name.
Configuring combined authentication
A combination authentication method can combine any two of the four authentication methods (local
authentication, RADIUS authentication, LDAP authentication, and AD authentication) in any order. With
combined authentication configured, the system authenticates a user twice by using the two specified
authentication methods. You can specify which method is used first, and specify whether to ask for a
password during the second authentication.
NOTE:
Which resources are available for a user who has passed a combined authentication and the online
username used are both determined by the first authentication. When the user accesses single login
resources, the system takes the password used in the first authentication as the login password.
Select VPN > SSL VPN > Domain Management > Authentication Policy from the navigation tree and click
the Combined Authentication tab. The combined authentication configuration page appears, as shown
in
.
Figure 255 Combined authentication
Table 55 Configuration items
Item Description
Enable combined
authentication
Select this item to enable combined authentication.
First-Time Authentication
Method
Select an authentication method as the first-time authentication method.
Second-Time Authentication
Method
Select an authentication method as the second-time authentication method.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS