Manualshelf

User guide

ManualsBrandsWatchguard ManualsComputer equipmentFirebox X4500
191192193194195196197198199200
User Guide 185
User and Group Management
Authenticate a session without administrative access
If you require authentication to the Edge for the user to access resources such as the external network, the
user must connect to the trusted interface IP address of the Edge using HTTPS, and type a user name and
password. The default URL for the trusted interface IP address of the Edge is https://192.168.111.1. If the
user’s administrative access is set to None, the user sees the Login Status page instead of the Edge System
Status page.
If the Firebox is configured to use local authentication, the user must type his or her user name as it appears
in the Firebox User list. If the Firebox is configured to use LDAP, Active Directory, or RADIUS servers for
authentication, the user must include the domain name. For example, if a user authenticates using the local
Firebox user list, he or she types jsmith. If the user authenticates with an LDAP or RADIUS authentication
server through the Edge, the user must type MyCompany\jsmith.
When a user authenticates with the Firebox X Edge and makes an Internet connection, their user name
appears in the Active Sessions section of the Firebox Users page.
The Login Status page can be seen at any time when the user returns to the URL for the Edge. If the user is
logged in, the user can use this page to:
See how long their session has been active.
See how long they can be idle before the session times out.
Change their password.
Log out of their session.
Create a read-only administrative account
You can create a local user account with access to see Firebox X Edge e-Series configuration pages, but not to
save configuration changes to the Firebox. When a user logs in as a read-only administrator, the user cannot:
Click the Reboot button on the System Status page.
Change the configuration mode on the External page.
Click the Reset Event Log and Sync Time with Browser Now buttons on the Logging page.
Click the Synchronize Now button on the System Time page.
Click the Regenerate IPSec Keys button on the VPN page.
Change the configuration mode on the Managed VPN page.
Launch configuration wizards from the Wizard page.
If the user tries to do these things, the user sees a message that says the user has insufficient access rights to
make changes to the Edge configuration.
To create a read-only user account, edit the user account. Use the Administrative Access drop-down list to
select Read Only.