- WatchGuard Firebox System User Guide

VPN Manager Guide 85

CHAPTER 13 Creating Aliases and

Implementing Authentication

Aliases are shortcuts used to identify groups of hosts, networks, or users with one

name. The use of aliases simplifies user authentication and service configuration.

User authentication provides access control for outgoing connections. Authentication

dynamically maps an individual username to a workstation IP address, allowing the

tracking of connections based on name rather than static IP address.

For more information on aliases or authentication, see the Network Security Handbook.

Using host aliases

Host aliases provide a simple way to remember host IP addresses, host ranges,

groups, usernames, and network IP addresses. They function in a similar fashion to e-

mail distribution lists–combining addresses and names into easily recognizable

groups. Use aliases to quickly build service filter rules or configure authentication.

Aliases cannot, however, be used to configure the network itself.

WatchGuard automatically adds four host aliases to the basic configuration:

firebox Addresses assigned to the three Firebox interfaces

trusted Any host or network routed through the physical Trusted interface

optional Any host or network routed through the physical Optional interface

external Any host or network routed through the physical External interface; in

most cases, the Internet

A host alias takes precedence over a Windows NT or RADIUS group with

the same name.