R3721-F3210-F3171-HP High-End Firewalls VPN Configuration Guide-6PW101
364
Item Descri
p
tion
Authentication Policy
Select an authentication policy for AD authentication. Options include Password,
Password+Certificate, and Certificate.
Server Recovery Time Set the interval at which the system checks whether the failed AD server recovers.
Admin Username
Set an administrator account. It must be a user account that has the directory search
right in the User directory in the AD domain.
Password
Set a password for the administrator account, and enter the password again to confirm
the password.
Confirm Password
Username Format
Set the username format used to log in to the AD server. Options include Without the
AD domain name, With the AD domain name, and Login name.
Configuring combined authentication
A combination authentication method can combine any two of the four authentication methods (local
authentication, RADIUS authentication, LDAP authentication, and AD authentication) in any order. With
combined authentication configured, the system authenticates a user twice by using the two specified
authentication methods. You can specify which method is used first, and specify whether to ask for a
password during the second authentication.
NOTE:
W
hich resources are available for a user who has passed a combined authentication and the online
username used are both determined by the first authentication. When the user accesses single login
resources, the system takes the password used in the first authentication as the login password.
Select VPN > SSL VPN > Domain Management > Authentication Policy from the navigation tree and click
the Combined Authentication tab. The combined authentication configuration page appears, as shown
in Figure 255.
Figure 255 Combined authentication
Table 56 Configuration items
Item Descri
p
tion
Enable combined
authentication
Select this item to enable combined authentication.
First-Time
Authentication
Method
Select an authentication method as the first-time authentication method.
Second-Time
Authentication
Method
Select an authentication method as the second-time authentication method.