Defining Firebox Users and Groups for Authentication

In the absence of a third-party authentication server, you can divide your company into groups and users for authentication. Assign employees or members to groups based on factors such as common tasks and functions, access needs, and trustworthiness. For example, you might have a group for accounting, another for marketing, and a third for research and development. You also might create a probationary group with high restrictions for new employees.

 

Within groups, you define users according to factors such as the method they use to authenticate, the type of system they use, or the information they need to access. Users can be either networks or individual computers. As your organization changes, you can add or remove users or systems from groups.

Note: You can define only a limited number of Firebox users. If you have more than approximately 100 users to authenticate, WatchGuard recommends that you use a third-party authentication server.

WatchGuard automatically adds two groups--intended for remote users--to the basic configuration file:

ipsec_users
    Add the names of authorized users of MUVPN.

pptp_users
    Add the names of authorized users of RUVPN with PPTP.

 

You can use Policy Manager to add, edit, or delete other groups to the configuration file or to add or modify the users within a group.

 

From Policy Manager:

  1. Select Setup => Authentication Servers.
    The Authentication Servers dialog box appears .  
  2. To add a new group, click the Add button beneath the Groups list.
    3. The Add Firebox Group dialog box appears.
  3. Type the name of the group. Click OK.
  4. To add a new user, click the Add button beneath the Users list.
    The Setup Firebox User dialog box appears .
  5. Enter the username and password.
  6. To add the user to a group, select the group name in the Not Member Of list. Click the left-pointing arrow to move the name to the Member Of list.
  7. When you finish adding the user to groups, click Add.
    The user is added to the User list. The Setup Firebox User dialog box remains open and cleared for entry of another user.
  8. To close the Setup Firebox User dialog box, click Close.
    The Firebox Users tab appears with a list of the newly configured users.
  9. When you finish adding users and groups, click OK.
    The users and groups can now be used to configure services and authentication.

 

 

Related topics:

Using Aliases

How User Authentication Works

Creating Aliases and Implementing Authentication

Defining a User for a Firebox Authenticated Group (MUVPN)

Adding New Users to Authentication Groups (RUVPN with PPTP)

 

 

Return to Top

Copyright © 1996 - 2003 WatchGuard Technologies, Inc. All rights reserved.
Legal Notice/Terms of Use