Configuration examples, Overview, Configuring static authorization – H3C Technologies H3C SecBlade SSL VPN Cards User Manual

70

Configuration Examples

Overview

The H3C SecBlade SSL VPN system controls user access rights through static authorization and dynamic

authorization.
Static authorization allows an administrator to specify the resources that a user can access when creating

the user. Static authorization is mainly achieved by adding different users to different user groups.
Dynamic authorization allows the system to assign different access rights to users based on their security

status. Dynamic authorization is achieved by security policy checking.
The resources that a user can access are the intersection of the statically authorized resources and the

dynamically authorized resources.

Configuring Static Authorization

Configuring a User

Select User > Local User from the navigation tree to enter the local user page, and then click Add.

•

Type user1 for Account.

•

Type 123456 for Password and Confirm Password.

•

Specify the user as a non-public account.

•

Select Permitted for Status.

For a newly created domain, only Administrators and guest are available in the user group list. If you

want to configure the user as an administrator, you need to add user1 to the Administrators group.
Click Apply.

Configure Resources

Select Resource > Web Site from the navigation tree to enter the web proxy page, and then click Add.

•

Type sina for Resource Name.

•

Type http://www.sina.com/ for Website Name.

Click Apply.
Follow the above steps to create a resource named NetEase.

Configure a Resource Group

Select Resource > Resource Group from the navigation tree to enter the resource group page, and then
click Add.

•

Type resgroup for Group Name.