HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

351

352

353

354

355

356

357

358

359

360

348

Item Descri

tion

Enable MAC

address binding

Select this item to enable MAC address binding.

With MAC address binding enabled, the SSL VPN system obtains the MAC

address of a user when the user logs in, for user identity authentication or MAC

address learning.

Enable automatic

Select this item to enable automatic login.

With automatic login enabled, when a user enters the SSL VPN login page, the

system will automatically log the user in by using the guest account or the

certificate account, depending on the authentication mode specified in the default

authentication method.

• When the authentication mode is password, the system uses the guest account

for automatic login.

• When the authentication mode is certificate, the system uses the username

carried in the client certificate for automatic login.

• When the authentication mode is password+certificate, the system uses the

guest account for automatic login and requires that the user have the client

certificate for the guest account.

User Timeout

Set an idle timeout for users.

If a login user does not perform any operation during this period, the system logs

out the user.

Default

Authentication

Method

Select the default authentication method used on the SSL VPN login page.

IMPORTANT:

To specify an authentication method other than local authentication as the default

authentication method, you must also enable the authentication method. See

"Configuring authentication policies."

Certificate's

Username Field

Select the certificate field to be used as the username when the authentication

mode is certificate. Options include the Common-Name filed and the

Email-Address field.

Verify Code Timeout

Set a timeout for the verification code displayed on the SSL VPN login page. If a

user does not enter the displayed verification code in this period, the verification

code becomes invalid. The user can refresh the login page to get a new

verification code.

2. Configure the caching policy:

a. Select VPN > SSL VPN > Domain Management > Basic Configuration from the navigation tree.

b. Click the Caching Policy tab.

The caching policy configuration page appears, as shown in Figure 253.

c. Sele

ct the operations to be done on a user host when the user log

s out.

{ Downloaded programs refer to the SSL VPN client software that was automatically downloaded

and run when the users logged in to the SSL VPN system.

{ Configuration files refer to the configuration file that was automatically saved when a user

changed the settings of the SSL VPN client software, if any.

d. Click Apply.