and password that matches that of a user added to the firewall to be allowed to connect through the
firewall.
Requiring passwords is not supported in Transparent mode.
You can add authentication to any Int to Ext, Int to DMZ, DMZ to Int, and DMZ to Ext policy, but not to
Incoming policies. You can require authentication for connections to the Internet from the internal network
or from the DMZ. You can also require authentication for connections to the DMZ from the internal
network or for connections to the internal network from the DMZ.
Users can only enter passwords using HTTP, FTP, or Telnet. If users are required to enter a user name
and password to access the Internet, they must connect to the firewall using a web browser, FTP, or
Telnet to enter their user name and password.
A user's authentication remains valid for an idle time out of 15 minutes. If the user does not access
services through the firewall for more than 15 minutes, they must enter their user name and password
again for access.
Adding users
•
Go to
Firewall > Users
.
•
Click New.
•
Enter a User Name and Password to add users to the DFL-1000.
The password must be at least 6 characters long and may contain numbers (0-9) and upper and
lower case letters (A-Z, a-z) but no spaces.
•
Click OK.
Adding a user
Adding authentication to a policy
Once you have added user names and passwords you can add or edit policies to require authentication.
•
Go to
Firewall > Policy
.
•
Click the tab corresponding to the type of policy to add.
You can add authentication to Int to Ext, Int to DMZ, DMZ to Int, and DMZ to Ext policies.
•
Click New to add a policy or click Edit
to edit a policy to add authentication.
•
Configure the policy as required.
•
Set Action to Auth.
•
Click OK to save the policy
•
Arrange the policy in the policy list to have the effect that you expect.
DFL-1000 User’s Manual
43