ADC SG-1 Manuel D’Utilisation

7-13

In a SG-1 system, virtual private tunnels (VPNs) are created upon RADIUS request. The tunneling service is always 
enabled within the SG-1 (there is no configuration command for turning it on or off). The domain-authentication 
configuration command is used to enable and disable authentication of the user's domain.

The domain-authentication separator command defines a list of characters that will be regarded as separators within 
usernames. The SG-1 can then extract the domain name by discarding the portion of the username before the 
separator. This command also enables the domain authentication process. The valid separators are !, @, #, $, %, 
and -.

To define @ and # as separators and enable domain authentication, type:

 (then press ENTER).

To turn off the domain authentication process, type:

 (then press ENTER).

• The authentication web-auth-method command defines the system authentication method to be used in WEB

authentication (when authenticating a user via WEB authentication process).

• The system default value is PAP. When configured to its default values the system does not present it in write

terminal command. 

• The authentication methods are PAP or CHAP. The system should authenticate a WEB authenticated user

based on this configuration. When CHAP is configured the system should process all necessary attributes for
CHAP authentication (produce challenge, calculate the response based on the challenge and the password
and communicate with the RADIUS as defined in the RFC).

Usage:

Parameter(s)

Set the system WEB authentication method.

PAP – Authenticate the user using PAP

CHAP – Authenticate the user using CHAP