![]() Also specifies the authentication method. Lists the firewall users by their assigned user identifier. Ĭoncurrent administrative access via X.509 authentication and via login to the mGuard user firewall is not possible with the “Safari” web browser.Īuthentication > Firewall Users > Firewall Users This menu is not available on the FL MGUARD RS2000, TC MGUARD RS2000 3G, TC MGUARD RS2000 4G , and FL MGUARD RS2005. ![]() This user firewall rule takes effect as soon as the relevant firewall user(s) (to whom this user firewall rule applies) has (or have) logged in, see "Network Security > User Firewall" on page 290. Under Network Security > User Firewall, different firewall rules can be defined for certain users, e.g., all outgoing connections are permitted. To prevent private surfing on the Internet, for example, every outgoing connection is blocked under Network Security > Packet Filter > DMZ. The netadmin and audit authorization levels relate to access rights with the mGuard device manager (FL MGUARD DM). Up to 50 characters are allowed (printable UTF-8 characters only) without spaces.Įach group is assigned an administrative role. Responses from the RADIUS server with notification of successful authentication must have this group name in their filter ID attribute. RADIUS Filters for Administrative Access – Password changes for one of the predefined users (root, admin, netadmin, audit, mobile, and user). The log messages are forwarded to a remote server, provided a remote server has been approved by the mGuard. Other user actions are logged here using the original name of the user. If authentication is successful, this is noted as part of the mGuard 's logging process. They are used by the mGuard for assigning the group and therefore the authorization level as “admin”, “netadmin” or “audit”. These filter IDs are assigned to the user in a server database. When the first match is found, access is granted with the corresponding role (admin, netadmin, audit).Īfter a RADIUS server has checked and accepted a user's password, it sends the mGuard a list of filter IDs in its response. The RADIUS filters are searched consecutively. – For web access, see menu: Management > Web Settings > Access – For shell access, see menu: Management > System Settings > Shell Access The mGuard only checks passwords using RADIUS servers if you have activated RADIUS authentication: (This menu item is not included in the scope of functions for TC MGUARD RS2000 3G, TC MGUARD RS2000 4G, FL MGUARD RS2005 or FL MGUARD RS2000. To set one, enter the desired password in both input fields.Īuthentication > Administrative Users > RADIUS Filters To log out the user, click on the Logout button. To log in the user, click on the Login button. To use this option, specify the user password in the corresponding input field.ĭisplays whether the user is logged on or off. Ĭhanges to this option only take effect after the next restart. ![]() When the function is activated, VPN connections can only be used once a user has logged into the mGuard via HTTP.Īs long as authentication is required, all HTTP connections are redirected to the mGuard. If a user password has been specified and activated, the user must always enter this password after an mGuard restart in order to enable mGuard VPN connections when attempting to access any HTTP URL. To set one, enter the desired password in both input fields.ĭisable VPN until the user is authenticated via HTTP Grants the rights required for the configuration options accessed via the web-based administrator interface. ![]() To change the root password, enter the old password in the Old password field, then the new password in the next two fields.īackground: only this authorization level allows unlimited access to the mGuard file system. Grants full rights to all parameters of the mGuard. ![]()
0 Comments
Leave a Reply. |