12.03.2015 Views

FortiGate Administration Guide - FirewallShop.com

FortiGate Administration Guide - FirewallShop.com

FortiGate Administration Guide - FirewallShop.com

SHOW MORE
SHOW LESS

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

User groups<br />

User<br />

Type Select the user group type: See “User group types” on page 387.<br />

Firewall<br />

Select this group in any firewall policy that<br />

requires Firewall authentication. See<br />

“Adding authentication to firewall policies”<br />

on page 276.<br />

Active Directory Select this group in any firewall policy that<br />

requires Active Directory authentication.<br />

See “Adding authentication to firewall<br />

policies” on page 276.<br />

SSL VPN<br />

Select this group in any firewall policy with<br />

Action set to SSL VPN. See “SSL-VPN<br />

firewall policy options” on page 281.<br />

Protection Profile Available only if Type is Firewall or Active Directory.<br />

Select a protection profile for this user group from the drop-down<br />

list. To create a new protection profile, select Create New.<br />

Available Users The list of users, RADIUS servers, LDAP servers, or PKI users<br />

that can be added to the user group.<br />

Members<br />

The list of users, RADIUS servers, LDAP servers, or PKI users<br />

that belong to the user group.<br />

Right arrow button Add a user or server to the Members list.<br />

Select a user or server name in the Available Users list and select<br />

the right arrow button to move it to the Members list.<br />

Left arrow button Remove a user or server from the Members list.<br />

Select a user name or server name in the Members list and select<br />

the left arrow button to move it to the Available Users list.<br />

FortiGuard Web<br />

Filtering Override<br />

SSL-VPN User Group<br />

Options<br />

Available only if Type is Firewall or Active Directory.<br />

Configure Web Filtering override capabilities for this group.<br />

See “Configuring FortiGuard override options for a user group” on<br />

page 391.<br />

Available only if Type is SSL-VPN.<br />

For detailed instructions about how to configure web-only mode<br />

or tunnel mode operation, see the <strong>FortiGate</strong> SSL VPN User<br />

<strong>Guide</strong>.<br />

Note: If you try to add LDAP servers or local users to a group configured for administrator<br />

authentication, an “Entry not found” error occurs.<br />

<strong>FortiGate</strong> Version 3.0 MR5 <strong>Administration</strong> <strong>Guide</strong><br />

390 01-30005-0203-20070830

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!