Define Authentication options for Engine Access rules

The Authentication options define which users can authenticate and the type of authentication required.

A mobile VPN always requires some form of authentication, but you can also add an authentication requirement to non-SD-WAN rules.

The authentication requirements are configured in the Authentication cell. The cell accepts User and User Group elements to define the end users who are allowed to make connections allowed by the rule, and Authentication Method elements to define the type of authentication required for connections that match the rule.

If the authentication fails, the connection is discarded. If the authentication succeeds, the connection is allowed through.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. Double-click the Authentication cell.
  2. Configure the settings, then click OK.

Authentication Parameters dialog box

Use this dialog box to configure authentication parameters for Access rules in Engine policies.

Option Definition
Users tab

Add the users or user groups that this rule applies to.

Resources section. Add elements from this list to the list in the Content section. Click Add to add an element to the list, or Remove to remove the selected element. You can also drag and drop elements.
Filter Allows you to filter the elements shown.
Up Navigates up one level in the navigation hierarchy. Not available at the top level of the navigation hierarchy.
Tools > New Allows you to create a new element.
Tools > Show Deleted Elements When selected, elements that have been moved to the Trash are visible.
Option Definition
Authentication Methods tab

Add the authentication methods allowed for this rule.

Authentication Methods section. Shows the available authentication methods. Add elements from this list to the list in the Accepted Authentication Methods section. Click Add to add an element to the list, or Remove to remove the selected element. You can also drag and drop elements.
Set to ANY Allows any of the supported authentication methods.