R3721-F3210-F3171-HP High-End Firewalls Access Control Command Reference-6PW101
91
authorization ssl-vpn
Syntax
authorization ssl-vpn radius-scheme radius-scheme-name
undo authorization ssl-vpn
View
ISP domain view
Default level
2: System level
Parameters
radius-scheme radius-scheme-name: Specifies a RADIUS scheme by its name, a case-insensitive string of
1 to 32 characters.
Description
Use authorization ssl-vpn to configure the authorization method for SSL VPN users.
Use undo authorization ssl-vpn to restore the default.
By default, the default authorization method for the ISP domain is used for SSL VPN users.
The specified RADIUS scheme must have been configured.
The RADIUS authorization configuration takes effect only when the authentication method and
authorization method of the ISP domain use the same RADIUS scheme.
Related commands: authorization default and radius scheme.
The following matrix shows the command and firewall compatibility:
Command F1000-A-EI/S-EI
F1000-E
F5000
Firewall module
authorization ssl-vpn Yes Yes No No
Examples
# Configure ISP domain test to use RADIUS authorization scheme rd for SSL VPN users.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authorization ssl-vpn radius-scheme rd
authorization-attribute user-profile
Syntax
authorization-attribute user-profile profile-name
undo authorization-attribute user-profile
View
ISP domain view
Default level
3: Manage level