Brocade Communications Systems 5600 Reference Manual page 43

Openvpn

TABLE 20 Granting the alice and bob service-users access to the vtunX OpenVPN interface

Step                                         Command
Configure the alice user with a password.    vyatta@vyatta# set resources service-users local user alice auth plaintext-password foo
Configure the bob user with a password.      vyatta@vyatta# set resources service-users local user bob auth plaintext-password bar
Configure an interface for alice.            vyatta@vyatta# set interfaces openvpn vtunX auth local user alice
Configure an interface for bob.              vyatta@vyatta# set interfaces openvpn vtunX auth local user bob
Commit the configuration.                    vyatta@vyatta# commit

This configuration allows the alice and bob service users to authenticate themselves by using their
usernames and passwords when connecting with the SSL-VPN client bundles.

To refuse bob any further access to the vtunX OpenVPN interface, you must delete the service-user
reference in the OpenVPN vtunX interface configuration:
vyatta@vyatta# delete interfaces openvpn vtunX auth local user bob
vyatta@vyatta# commit

NOTE
The preceding configuration change does not terminate the existing SSL-VPN session of user bob on
vtunX, nor does it interrupt any other existing SSL-VPN client connection.

To grant a group of multiple SSL-VPN service users access to the vtunX OpenVPN interface, enter the
following commands:
vyatta@vyatta# set resources service-users local group it-dep alice
vyatta@vyatta# set resources service-users local group it-dep bob
vyatta@vyatta# set interfaces openvpn vtunX auth local group it-dep
vyatta@vyatta# commit

The preceding configuration change assigns service users alice and bob to the it-dep group. All users of
that group are granted access to the vtunX OpenVPN interface.

NOTE
A change to the membership of an individual user has immediate impact after the change is committed.
An existing SSL-VPN connection for a service user who is dropped from a group that has been granted
access is not terminated. The change only rejects further authentication attempts to the vtunX
OpenVPN service instance.

Granting SSL-VPN access to an LDAP service user

LDAP authentication of an SSL-VPN connection requires a service-user LDAP authentication profile,
which is configured in the following file:
resources service-users ldap profilename
Details on how to set up a service-user LDAP authentication profile are covered in Service User
Management.

Brocade 5600 vRouter OpenVPN Reference Guide
53-1003719-03

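The local user and group grants described above can overlap, so deleting bob's per-user reference does not lock him out while he is still a member of a group that has been granted access. The following is an added example, not taken from the Brocade manual: an offline audit sketch that replays the page's set and delete commands and lists who can still authenticate to an interface. The function name effective_access is hypothetical, and the model assumes that group grants apply independently of per-user grants, as the text implies.

```python
import re

# Constructed sample: the commands from this page, replayed in order and
# ending with the per-user revocation for bob.
SAMPLE = """\
vyatta@vyatta# set resources service-users local user alice auth plaintext-password foo
vyatta@vyatta# set resources service-users local user bob auth plaintext-password bar
vyatta@vyatta# set interfaces openvpn vtunX auth local user alice
vyatta@vyatta# set interfaces openvpn vtunX auth local user bob
vyatta@vyatta# set resources service-users local group it-dep alice
vyatta@vyatta# set resources service-users local group it-dep bob
vyatta@vyatta# set interfaces openvpn vtunX auth local group it-dep
vyatta@vyatta# delete interfaces openvpn vtunX auth local user bob
"""

MEMBER = re.compile(r"resources service-users local group (\S+) (\S+)$")
GRANT = re.compile(r"interfaces openvpn (\S+) auth local (user|group) (\S+)$")

def effective_access(commands, interface):
    """Return {user: sorted grant paths} for users who can still authenticate.

    Offline model only (an assumption of this example): it says nothing about
    sessions that are already established, which the page notes stay up.
    """
    members, grants = set(), set()
    for line in commands.splitlines():
        line = re.sub(r"^\S+@\S+#\s*", "", line.strip())  # drop the CLI prompt
        op, _, rest = line.partition(" ")
        if op not in ("set", "delete"):
            continue
        apply = set.add if op == "set" else set.discard
        if m := MEMBER.match(rest):
            apply(members, m.groups())        # (group, user)
        elif (m := GRANT.match(rest)) and m.group(1) == interface:
            apply(grants, m.groups()[1:])     # (kind, name)
    access = {}
    for kind, name in grants:
        if kind == "user":
            access.setdefault(name, set()).add("direct")
    for group, user in members:
        if ("group", group) in grants:
            access.setdefault(user, set()).add("group:" + group)
    return {user: sorted(paths) for user, paths in access.items()}

if __name__ == "__main__":
    for user, paths in sorted(effective_access(SAMPLE, "vtunX").items()):
        print(user, paths)
```

In the sample, bob is still listed through it-dep after the per-user delete; he drops out only once his group membership is deleted as well.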