Filter
Top Products
Chapter 16 Authentication server 307
BCM50a Integrated Router Configuration — Basics
Table 83 describes the labels in Figure 103.
Table 83 Local User database edit
Label Description
Active Select this check box to turn on the user account. Clear this check box to
turn off the user account.
User Type Select 802.1X to set this user account to be used for a IEEE 802.1X logon.
Select IPSec to set this user account to be used for an IPSec logon. Select
802.1X/IPSec to set this user account to be used for both IEEE 802.1X and
IPSec logons.
User Name Specify the user ID to be used as the logon name for the user account.
Password Enter a password up to 31 characters long for this user account.
Note that as you type a password, the screen displays a (*) for each
character you type.
Retype to
Confirm
Enter the password again to make sure that you have entered it correctly.
IPSec User
Profile
The following fields display when you select IPSec or 802.1X/IPSec in the
User Type field.
First Name Enter the user’s first name.
Last Name Enter the user’s last name.
Static IP
Address
Enter the IP address of the remote user in dotted decimal notation.
Static
Subnet
Mask
Enter the subnet mask of the remote user.
Split
Tunneling
Enable or disable split tunneling or inverse split tunneling.
Select Disable to force all traffic to be encrypted and go through the VPN
tunnel.
Select Enabled to allow traffic not going through the VPN tunnel to go
through the WAN interface without being encrypted. This reduces the
processing load on the BCM50a Integrated Router but is less secure since
the Contivity VPN clients’ unencrypted sessions make them vulnerable to
attacks.
Select Enabled - Inverse to force traffic not going to the network subnets
that you specify to be encrypted and sent through the VPN tunnel.
Select Enable - Inverse (locally connected) to force traffic not going to
directly connected networks, or the network subnets that you specify, to be
encrypted and sent through the VPN tunnel.
Configure
Network
Click this link to set up the list of networks to use as split or inverse split
networks.