config user setting
Configure user authentication setting.
config user setting
Description: Configure user authentication setting.
set auth-type [http|https|...]
set auth-cert {string}
set auth-ca-cert {string}
set auth-secure-http [enable|disable]
set auth-http-basic [enable|disable]
set auth-ssl-allow-renegotiation [enable|disable]
set auth-timeout {integer}
set auth-timeout-type [idle-timeout|hard-timeout|...]
set auth-portal-timeout {integer}
set radius-ses-timeout-act [hard-timeout|ignore-timeout]
set auth-blackout-time {integer}
set auth-invalid-max {integer}
set auth-lockout-threshold {integer}
set auth-lockout-duration {integer}
config auth-ports
Description: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET.
edit <id>
set type [http|https|...]
set port {integer}
next
end
end
config user setting
|
Parameter |
Description |
Type |
Size |
|||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
auth-type |
Supported firewall policy authentication protocols/methods. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
auth-cert |
HTTPS server certificate for policy authentication. |
string |
Maximum length: 35 |
|||||||||||
|
auth-ca-cert |
HTTPS CA certificate for policy authentication. |
string |
Maximum length: 35 |
|||||||||||
|
auth-secure-http |
Enable/disable redirecting HTTP user authentication to more secure HTTPS. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
auth-http-basic |
Enable/disable use of HTTP basic authentication for identity-based firewall policies. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
auth-ssl-allow-renegotiation |
Allow/forbid SSL re-negotiation for HTTPS authentication. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
auth-timeout |
Time in minutes before the firewall user authentication timeout requires the user to re-authenticate. |
integer |
Minimum value: 1 Maximum value: 1440 |
|||||||||||
|
auth-timeout-type |
Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
auth-portal-timeout |
Time in minutes before captive portal user have to re-authenticate . |
integer |
Minimum value: 1 Maximum value: 30 |
|||||||||||
|
radius-ses-timeout-act |
Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
auth-blackout-time |
Time in seconds an IP address is denied access after failing to authenticate five times within one minute. |
integer |
Minimum value: 0 Maximum value: 3600 |
|||||||||||
|
auth-invalid-max |
Maximum number of failed authentication attempts before the user is blocked. |
integer |
Minimum value: 1 Maximum value: 100 |
|||||||||||
|
auth-lockout-threshold |
Maximum number of failed login attempts before login lockout is triggered. |
integer |
Minimum value: 1 Maximum value: 10 |
|||||||||||
|
auth-lockout-duration |
Lockout period in seconds after too many login failures. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||
config auth-ports
|
Parameter |
Description |
Type |
Size |
|||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
type |
Service type. |
option |
- |
|||||||||||
|
|
|
|||||||||||||
|
port |
Non-standard port for firewall user authentication. |
integer |
Minimum value: 1 Maximum value: 65535 |
|||||||||||