Create Access Profiles
Use the Access Profile page to create access profile with local, LDAP, or RADIUS authentication methods.
To create access profile with local, LDAP, or RADIUS authentication methods:
Field |
Description |
---|---|
General Setting |
|
Access Profile Name |
Enter a unique string of alphanumeric characters, colons, periods, dashes, and underscores. The maximum length is 255 characters. |
Description |
Enter a description for the access profile. The maximum length is 255 characters. |
Assign Device | |
Device |
Select these devices from the Available column and move to the Selected column. You can also search for the devices in the search field in both the Available and Selected columns. You can search these devices by entering the device name, device IP address, or device tag. |
Authentication |
Select the authentication method the device should use to authenticate users;
|
Local |
Provide the following details:
|
RADIUS |
Select the toggle button to specify the details of RADIUS servers. To configure RADIUS Servers:
3. Click OK. |
LDAP |
Select the toggle button to specify the details of LDAP server. To configure LDAP Servers:
3. Click OK. |
LDAP Options | |
Revert Interval |
Specify the amount of time that elapses before the primary server is contacted if a backup server is being used. The range is 60 through 4,294,967,295 seconds. |
Base distinguished name |
Specify the base distinguished name, that is used in one of the following ways:
The base distinguished name is a series of basic properties
that define the user. For example, in the base distinguished name, |
LDAP Option Type |
|
Assemble |
Specify that a user’s LDAP distinguished name is assembled through the use of a common name identifier, the username, and base distinguished name. |
Common name |
Enter a common name identifier used as a prefix for the username
during the assembly of the user's distinguished name. For
example, |
Search Filter |
Enter the name of the filter to find the user's LDAP distinguished name. For example, a filter
|
Admin Search |
Perform an LDAP administrator search. By default, the search is an anonymous search. To perform an administrator search, you must specify administrator credentials, which are used in the bind as part of performing the search. |
Distinguished Name |
Enter the distinguished name of an administrative user. The distinguished name is used in the bind for performing the LDAP search. For example, |
Password |
Configure the plain-text password for the administrative user. This password is used in the bind for performing the LDAP search. |
Order 1 |
Configure the order in which the different user authentication methods are tried when a user attempts to log in. For each login attempt, the method for authentication starts with the first one, until the password matches. The method can be one or more of the following:
|
Order 2 |
Configure the next authentication method if the authentication method included in the authentication order option is not available, or if the authentication is available but returns a reject response. |