Configuring Remote Access Users

In the VPN > Remote Access Users page you can configure remote access permissions for users and groups.

Users and user groups can be configured in other pages as well (Users & Objects > Users). This page is dedicated to those with remote access permissions. You can add through it:

  • New local users

  • New users groups

  • Active Directory group

  • Active Directory permissions

  • RADIUS group

You can also set SSL VPN bookmarks by user, user group, RADIUS users and Active Directory group.

If no authentication servers are defined, click the Active Directory / RADIUS server link to define them.

Note that when User Awareness is turned off, there is no user identification based on Browser-Based Authentication and Active Directory Queries.

To add a new local user with remote access permissions:

  1. Click Add > New Local User.

  2. In the Remote Access tab in the window that opens, enter this information:

    • User name

    • Password - Enter this again in the Confirm field.

      Note - The password can be up to 100 characters.

    • Comments (optional)

  3. For temporary or guest users, click Temporary user.

    Enter the expiration date and time.

  4. Do not clear the Remote Access permissions checkbox.

  5. In the SSL VPN Bookmarks tab, configure the SSL VPN bookmarks (see below).

  6. Click Apply.

    The user is added to the table on the page.

To add a new local users group with remote access permissions:

  1. Click Add > New Users Group.

  2. In the Remote Access tab, enter the group name.

  3. Do not clear the Remote Access permissions checkbox.

  4. Select initial users to add to the group by clicking the relevant checkboxes from the user list or click New to create new users.

    You can see a summary of the group members above the user list. You can remove members by clicking the X next to the relevant user name.

  5. In the SSL VPN Bookmarks tab, configure the SSL VPN bookmarks (see below).

  6. Click Apply.

    The group is added to the table on the page.

To add remote access permissions to an existing Active Directory group:

  1. Click Add > Active Directory Group.

  2. If no Active Directory was defined, you are prompted to configure one. For more information on configuring Active Directory see VPN > Authentication Servers.

  3. When an Active Directory has been defined, you see a list of available user groups defined in the server.

  4. Select one of the user groups.

  5. Click Apply.

    The Active Directory group is added to the table on the page.

To add remote access permissions to all users in defined in an Active Directory:

  1. Click Edit Permissions or Add > Active Directory Permissions.

  2. Select All users in Active Directory. With this option, it is not necessary to use the VPN > Remote Access Users page to select specific users.

    Note that most Active Directories contain a large list of users and you might not want to grant them all remote access permissions to your organization. Usually you keep the Selected Active Directory user groups option.

  3. Click Apply.

    The Active Directory is added to the table on the page.

To add remote access permissions for users defined in the RADIUS group:

  1. Click Add > RADIUS Group.

  2. If no RADIUS group was defined, you are prompted to configure one.

  3. Select or clear the Enable RADIUS authentication for remote access users checkbox.

  4. When selected, choose which users are given remote access permissions:

    • To allow all users defined in the RADIUS server to authenticate - Select All users defined on RADIUS server

    • Specific user groups defined in the RADIUS server - Select For specific RADIUS groups only and enter in the text field the names of the user groups separated by commas

    • To allow administrators with read-only permissions to authenticate - Select Read-only Administrators

  5. Click Apply.

    The RADIUS server or specific users from the RADIUS server are added to the table on the page.

To configure SSL VPN bookmarks:

  1. Click Add > New Local User/Users Group/Active Directory Group > SSL VPN Bookmarks tab.

    A new window opens.

  2. Enter new bookmarks or select existing bookmarks.

    Note - If you select Global bookmark, this bookmark is always shown.

  3. Click Apply.

To edit a user or group:

  1. Select the user or group from the list.

  2. Click Edit.

  3. Make the relevant changes and click Apply.

To delete a user or group:

  1. Select the user or group from the list.

  2. Click Delete.

  3. Click OK in the confirmation message.

    The user or group is deleted.