Chapter2authentication
onlineuserdeleteaddr
Command
Function
ThiscommandisusedtodeleteonlineuseraccordingtoIPaddress
andforceshimtobeofīine.
CommandFormatonlineuserdeleteaddraddr<ipaddress>
Parameter
Description
Parameter
Description
<ipaddress>ThisisonestandardIPaddressstring,which
isIPaddressofonlineusertobedeleted.
Command
Illustration
ThesameusercanlogintoFWwithmultipleIPaddresses.By
executingthiscommand,userusingspeciīæcIPaddresstologinto
FWisforcedtobeoffline,butusersusingotherIPaddressesto
logintoFWarestillonline.
ExampleTodeleteuserwhoseIPaddressis192.168.83.220,executethe
followingcommand:
#onlineuserdeleteaddraddr192.168.83.220
server
Thissetofcommandsisusedtoconīægureandmanageauthenti-
cationserverinformation.
Generally,eachauthenticationprotocolusesoneseparatedata-
basetostoreuserinformation.Thehostinstalledwithauthenti-
cationdatabaseiscalledauthenticationserver .Differentauthen-
ticationprotocolscanusedifferentauthenticationserversorshare
thesameonehost.
Afterdeīæningauthenticationdatabase,administratorcanspecify
theuserthatpassesFWfromonesecurityareatoaccessanother
securityareaandFWjudgesiftheaccessoperationislegalac-
cordingtoinformationinuserauthenticationdatabase.
serveradd
Command
Function
Thiscommandisusedtoaddauthenticationserver .Authentication
serverhasthefollowingtypes:Localauthenticationserver ,Ra-
diusserver ,TACACservervr ,certiīæcateauthenticationserver ,LDAP
server ,domainauthenticationserverandSecurIDauthentication
server .Asforlocalauthenticationserverandcertauthentication
server ,theyarestartedwhenbeingadded.
CommandFormatserveraddname<string1>protocol<local|radius|tacacs
|securid|cert|ldap|domain>timeout<string2>[ip_address
<ipaddress>][port<number>][shared_sceret<string3>][se
rver_dn<string4>]
ConfidentialandProprietaryInformationofZTECORPORATION11
To Next Page
Loading...
