Configuring advanced authentication policies
If you know exactly how you want an authentication policy to be configured, you can use the advanced authentication policy dialog to create the policy quickly.
To configure an advanced authentication policy by using the configuration utility
- Navigate to Security > AAA - Application Traffic > Policies > Authentication > Advanced Policies, and then select Policy.
- In the details pane do one of the following:
- To create a new policy, click Add.
- To modify an existing policy, select the policy, and then click Edit.
- In the Create Authentication Policy or Configure Authentication Policy dialog box, type or select values for the parameters.
- Name*—The policy name. Cannot be changed for a previously configured policy.
- Action Type*—The policy type: Cert, Negotiate, LDAP, RADIUS, SAML, SAMLIDP, TACACS, or WEBAUTH.
- Action*—The authentication action (profile) to associate with the policy. You can choose an existing authentication action, or click the plus and create a new action of the proper type.
- Log Action—The audit action to associate with the policy. You can choose an existing audit action, or click the plus and create a new action.
- Expression*—The rule that selects connections to which you want to apply the action that you specified. The rule can be simple (“true” selects all traffic) or complex. You enter expressions by first choosing the type of expression in the leftmost drop-down list beneath the Expression window, and then by typing your expression directly into the expression text area, or by clicking Add to open Add Expression dialog box and using the drop-down lists in it to construct your expression.)
- Comment—You can type a comment that describes the type of traffic that this authentication policy will apply to. Optional.
- Click Create or OK, and then click Close. If you created a policy, that policy appears in the Authentication Policies and Servers page.