Register a user

  1. Go to Authentication > Users and click Add.
  2. Type a user name to be used for authentication.
  3. Type a name.
    Note This is the user record name, not the user name.
  4. Type a password to be used for authentication.
  5. Select a type.
    OptionDescription
    User End users who are connecting to the internet from behind the firewall.
    Administrator Users who have access to firewall objects and settings as defined in a profile.
  6. Type an email address.
    Note If a user has been imported from Active Directory, XG Firewall overwrites the email addresses given in user registration with the email addresses given by Active Directory at the time of authentication.
  7. Select policies.
    Note Policies specified at the user level take precedence over those specified at the group level.
    OptionDescription
    Group Group to which the user is to be added. The user will inherit all the polices assigned to the group.
    Surfing quota Access based on a defined period and type. This policy can include a cycle type, hours, validity, and maximum hours.
    Access time Access or denial based on a defined recurring period.
    Network traffic Access based on bandwidth usage.
    Traffic shaping Access based on QoS traffic shaping policy. This policy can include a policy association, priority, and specific limits for uploading and downloading.
    Remote access Access to be applied to remote users through VPN.
    Clientless Access to be granted to users using only a browser as a client. This policy can include bookmarks or resources that clientless users are allowed to access.
  8. Specify settings.
    Note Settings specified at the user level take precedence over those specified at the group level.
    OptionDescription
    L2TP Allow access using L2TP. Optionally, specify an IP address to be leased to the user for L2TP access.
    PPTP Allow access using PPTP. Optionally, specify an IP address to be leased to the user for PPTP access
    Sophos Connect client Allow remote access using a configured CISCO VPN client. Optionally, specify an IP address to be leased to the user for CISCO VPN access
    Quarantine digest Send a list of the email messages held in the quarantine in digest form.
    Simultaneous logins Number of concurrent sessions that will be allowed for the user. Use the value specified in the global settings or specify a value.
    MAC binding Require users to log on through the specified devices.
    Login restriction Allow access from the specified nodes. You can specify no restriction (any node), named nodes, or a node range.
  9. For administrator users, click Administrator advanced settings and specify settings.
    OptionDescription
    Schedule for device access Allow access the device only during the time selected.
    Login restriction for device access Allow access from the specified nodes. You can specify no restriction (any node), named nodes, or a node range.
  10. Select Save.