
Policy Based Route & User Authentication

Policy Based Route & User Authentication. Authentication Component. Admin Users Authentication Type Authentication server Authentication Rule Address Object. Authentication Component - Admin User. Treeview: User Authentication => Local User Database.

corin

Presentation Transcript


  1. Policy Based Route & User Authentication

  2. Authentication Component • Admin Users • Authentication Type • Authentication server • Authentication Rule • Address Object

  3. Authentication Component - Admin User Treeview: User Authentication => Local User Database

  4. Authentication Component - Authentication type • Authentication User • PPTP User • L2TP User • Xauth User • IKE ID list

  5. Authentication Component - Authentication server

  6. Authentication Component - User Auth Rule

  7. Authentication Component - User Auth Rule

  8. Authentication Component - User Auth Rule

  9. Authentication Component - Address Object Treeview => Objects => Address book => IP4 Address Object

  10. Authentication Component - Address Object Treeview => User Authentication => Local User Database Treeview => Objects => Address book => IP4 Address Object

  11. Authentication Component - Address Object Treeview => User Authentication => Local User Database => User Treeview => Objects => Address book => IP4 Address Object Treeview => User Authentication => Local User Database

  12. Authentication internal process

  13. Example of Authentication Users

  14. Example of Authentication Users • Configuration step • User Database (local, external) • IP address object (incl. credential) • WebUI before Rules • User Authentication Rule • IP Rule

  15. Configuration step 1 - User Database

  16. Example of Authentication Users • Configuration step • User Database (local, external) • IP address object (incl. credential) • WebUI before Rules • User Authentication Rule • IP Rule

  17. Configuration step 2 - IP address object

  18. Example of Authentication Users • Configuration step • User Database (local, external) • IP address object (incl. credential) • WebUI before Rules • User Authentication Rule • IP Rule

  19. Configuration step 3 - WebUI before rules

  20. Example of Authentication Users • Configuration step • User Database (local, external) • IP address object (incl. credential) • WebUI before Rules • User Authentication Rule • IP Rule

  21. Configuration step 4 - User Authentication Rule

  22. Example of Authentication Users • Configuration step • User Database (local, external) • IP address object (incl. credential) • WebUI before Rules • User Authentication Rule • IP Rule

  23. Configuration step 5 - IP Rule

  24. Configuration step 5 - IP Rule

  25. Configuration step 5 - IP Rule

  26. Configuration step 5 - IP Rule

  27. Configuration step 5 - IP Rule

  28. Configuration step 5 - IP Rule

  29. Outline • Policy based route • Basic knowledge • How to read a routing table • DFL’s internal traffic flow • Example of Policy Based Route • User authentication • Overview • Authentication Component • Authentication internal process • Example of user authentication • Hands-on • Setting and debugging • Q&A

  30. Hands-on PBR and USER AUTH scenario. Topology: DFL-1600 • WAN1 IP: 1.1.1.1X/24, GW: 1.1.1.2 • WAN2 IP: 3.3.3.1X/24, GW: 3.3.3.2 • LAN1: 192.168.1.1/24 • LAN2: 192.168.2.1/24 • PC1 IP: 192.168.1.100/24, GW: 192.168.1.1 • PC2 IP: 192.168.2.100/24, GW: 192.168.2.1 • HTTP & FTP server IP: 5.5.5.5/24 • www.mailsrv2.com. Objective: • When PC1 and PC2 access the server, HTTP traffic goes via WAN1 and FTP traffic goes via WAN2 • Only users in the Sales group can download files via HTTP from PC1 and PC2 • When users download files via FTP from PC2, they have to pass authentication; from PC1 they do not. Note: ‘X’ means the number for your group.

  31. Q & A

  32. END
