User Account Creation and Modification

Now that groups have been created and fine-tuned, you can create the individual users if you are utilizing the concentrator's internal authentication server. Recall that users can belong to only one group and if they are not explicitly specified as belonging to an individual group, they are associated with the base group.

User Identity Tab

Similar to the actions in the individual group screen, you can also add, modify, or delete individual users. After you choose to add or modify a user, the Identity tab is displayed. The example displayed in Figure 4.14 created the user Mr Ed and assigned a password to the user, which serves as the individual authentication. After the IPSec group has been authenticated, the individual is prompted for this username and password. The Group field enables you to select which group to associate with the user. The default is the base group; however, in this example, the Mr. Ed user was assigned to the Not-So-Human Resources group. The bottom two fields are optional and are required only if you are using per-user assignment of IP addresses. Because the example uses per-user IP assignment, the VPN administrator decided to allocate the IP address of 10.1.1.100 for Mr. Ed. This internal IP is assigned to Mr. Ed's client after his username is authenticated to the concentrator's internal database.

Figure 4.14. Group Definition screen.

graphics/04fig14.gif

The remaining tabs also contain the Inherit check boxes in which you can deselect and override some attributes of the group or base group, such as tunneling protocols, IPSec SAs, and PPTP/L2TP parameters.



CSVPN Exam Cram 2 (Exam 642-511)
CCSP CSVPN Exam Cram 2 (Exam Cram 642-511)
ISBN: 078973026X
EAN: 2147483647
Year: 2002
Pages: 185

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net