Internal Interfaces" And "External Interfaces" Tabs; User Passwords; Authentication Periods Allowed; Advanced Properties - Stormshield SN series Configuration Manual

Select a style sheet to
apply (CSS file)
The "Reset" button allows you to go back to the original versions of the visual identity (logo and
style sheet) and the default Conditions of use for internet access.

"Internal interfaces" and "External interfaces" tabs

User passwords

Users cannot change
their passwords
Users can change their
passwords
Users must change
their passwords

Authentication periods allowed

Minimum duration
Maximum duration
For transparent
authentication

Advanced properties

Allow access to the
.PAC file from internal
interfaces
User enrolment
Stormshield Network offers web-based user enrolment. If the user attempting to connect does not
exist in the user database, he may request the creation of his account via web enrolment.
For certificate requests (CSR) by the user, they will be signed by the certificate authority (CA)
chosen by default in the menu Certificates and PKI.
Do not allow user
enrolment
Page 57/448
Import a new style sheet in css, which will override the portal's graphics.
By selecting this option, users will not be able to change their authentication
passwords on the Stormshield Network Firewall.
By selecting this option, users will be able to change their authentication passwords
from the authentication portal, at any time with no restrictions on validity.
By selecting this option, users will need to change their authentication passwords on
the Stormshield Network Firewall on their first connection to the Firewall's
authentication portal, and then for each time the password expires. This duration is
specified in days without a specific time.
The field Lifetime appears below, allowing you to indicate the number of days the
password will remain valid.
NOTE
If the user password is valid for 1 day and that the password was initialized for the
first time at 2.00 p.m. on 25 November 2010, the password has to be changed from
12.00 midnight on 26 November 2010 and not 24 hours later.
Minimum duration for which the user can be authenticated, in minutes or in hours (up
to 24 hours).
Maximum duration for which the user can be authenticated, in minutes or in hours (up
to 24 hours).
This SSO-based (Single Sign-On) authentication method allows defining the duration
for which the firewall will not request any transparent re-authentication.
By selecting this option, you will be authorizing the publication of the .pac file on the
internal interfaces.
The publication of the .pac file is also possible on external interfaces.
If this option is selected, no "unknown" users will be able to register or create
accounts with the LDAP directory.
SNS - USER CONFIGURATION MANUAL V.3
sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
AUTHENTICATION