NETGEAR STM150EW-100NAS Router User Manual


 
Manage Users, Authentication, and VPN Certificates
401
ProSecure Unified Threat Management (UTM) Appliance
Configure User Accounts
The UTM supports both unauthenticated and authenticated users:
Unauthenticated users. Anonymous users who do not log in to the UTM and to which
the UTM’s default email and web access policies apply.
Authenticated users. Users who have a computer behind the UTM, who log in to the
UTM with a user name and password, and who are assigned an access policy that
usually differs from the UTM’s default email and web access policies. Different users or
user groups can have different access policies, so there can be multiple access policies
on the UTM.
In addition to being authenticated as individual users, users can be authenticated on the
UTM according to group membership or IP address:
- Group membership. A group is defined in the UTM’s local database, an LDAP
database, or a RADIUS database. If you use a RADIUS database for authentication,
a group can also be defined in a VLAN.
- IP address. A group is defined by its IP address and subnet.
When you create a user account, you need to assign the user to a user group. When you
create a group, you need to assign the group to a domain that specifies the authentication
method. Therefore, you should first create any domains, then groups, and then user
accounts.
You can create different types of user accounts by applying pre-defined user types:
Administrator. A user who has full access and the capacity to change the UTM
configuration (that is, read/write access).
SSL VPN User. A user who can log in only to the SSL VPN portal.
IPSEC VPN User. A user who can make an IPSec VPN connection only through a
NETGEAR ProSafe VPN Client, and only when the XAUTH feature is enabled (see
Configure Extended Authentication (XAUTH) on page 308).
Guest user. A user who can only view the UTM configuration (that is, read-only access).
PPTP VPN User. A user who can make a connection to the PPTP server only.
L2TP VPN User. A user who can make a connection to the L2TP server only.
To create an individual user account:
1. Select Users > Users. The Users screen displays. (The following figure shows the
UTM’s default users—admin and guest—and, as an example, several other users in the
List of Users table.)