Cisco Cisco Web Security Appliance S170 Guía Del Usuario
21-8
AsyncOS 8.5 for Cisco Web Security Appliances User Guide
Chapter 21 Perform System Administration Tasks
Administering User Accounts
Changing Passwords
To change the password of the account currently logged in, use the Options > Change Password option
located on the top right-hand side of the web interface, as shown:
located on the top right-hand side of the web interface, as shown:
Figure 21-1
The Change Password Option
For other accounts, edit the account and change the password in the Local User Settings page.
Related Topics
•
•
RADIUS User Authentication
The Web Security appliance can use a RADIUS directory service to authenticate users that log in to the
appliance using HTTP, HTTPS, SSH, and FTP. You can configure the appliance to contact multiple
external servers for authentication, using either PAP or CHAP authentication. You can map external
users accounts to different Web Security appliance user role types.
appliance using HTTP, HTTPS, SSH, and FTP. You can configure the appliance to contact multiple
external servers for authentication, using either PAP or CHAP authentication. You can map external
users accounts to different Web Security appliance user role types.
Sequence of Events For Radius Authentication
When external authentication is enabled and a user logs into the Web Security appliance, the appliance:
1.
determines if the user is the system defined “admin” account.
2.
If not, checks the first configured external server to determine if the user is defined there.
3.
If the appliance cannot connect to the first external server, it checks the next external server in the
list.
list.
4.
If the appliance cannot connect to any external server, it tries to authenticate the user as a local user
defined on the Web Security appliance.
defined on the Web Security appliance.
5.
If the user does not exist on any external server or on the appliance, or if the user enters the wrong
password, access to the appliance is denied.
password, access to the appliance is denied.
Enabling External Authentication Using RADIUS
Step 1
On the System Administration > Users page, click Enable.
Step 2
Check the Enable External Authentication checkbox.
Step 3
Enter the hostname, port number, and Shared Secret password for the RADIUS server.
Step 4
Enter the number of seconds for the appliance to wait for a response from the server before timing out.
Step 5
Choose the authentication protocol used by the RADIUS server.