Configuring the ldap authentication policy, Overview, Configuration procedure – H3C Technologies H3C SecBlade SSL VPN Cards User Manual
Page 68
60
Item Action
Primary Accounting Server
Status
Required
Specify the status of the primary accounting server, active or block.
Secondary Accounting Server
Status
Optional
Specify the status of the secondary accounting server, active or block.
NOTE:
•
Currently, the SSL VPN system can implement authentication, authorization and accounting through the
RADIUS server. The accounting function is optional.
•
If an error occurs on the primary server and only the primary server is configured, the authentication
request will be sent to the primary server for
n times. n is the retransmission times. If an error occurs on
the primary server and both the primary and secondary servers are configured, the authentication
request will be sent to the primary server for
k times. Then, the authentication request will be sent to the
secondary server for
m times at most, where k = (n + 1)/2, k + m = n.
Configuring the LDAP Authentication Policy
Overview
The Lightweight Directory Access Protocol (LDAP) is developed on the basis of the X.500 standard but is
simpler than the X.500 standard and can be customized as needed. LDAP is a cross-platform protocol.
You do not need to care about the LDAP server and client.
Currently, an increasing number of enterprises store user information on the LDAP server, which can
authenticates users and provide corresponding services after the user passes the authentication. The SSL
VPN system uses the LDAP authentication policy to implement authentication of users stored on the LDAP
server and obtain the access right to the corresponding resources.
Configuration Procedure
Select the LDAP Authentication tab to enter the LDAP authentication policy configuration page shown
in
.