{{ secondMenu.name }}
Name: Enter a name for this user. This field is required.
Description: Enter a brief description for this user.
Password: Enter the password of this user account.
Mobile Number: Enter the mobile phone number of the user.
Added To: Specify to which user group this user is added.
Inherit authentication settings from parent group: If selected, the current user will inherit its parent group's policy set and authentication settings. If not selected, the authentication settings and policy set could differ from those of its parent group.
Virtual IP Assignment: To set the way users get virtual IP.
Expire indicates the date on which this user account will get invalid. If Never expire is selected, the user account will always be valid. If the On date is selected, select the date as the expiry date.
Public user: Indicate that multiple users can use the user account to access SSL VPN concurrently.
Private user: Indicate that only one user can use the user account to log in to the SSL VPN at a time. If a second user uses this user account to connect to SSL VPN, the previous user will be forced to log out.
Primary Authentication: Indicate the authentication method(s) that is (are) first applied to verify users when they log in to the SSL VPN. If any secondary authentication method is selected, primary authentication will be followed by secondary authentication when the users log in to the SSL VPN. By default, it is a Local password.
Local password: The connecting users need to pass local password-based authentication using the SSL VPN account in this user group.
Secondary Authentication: Secondary authentication is an optional and supplementary authentication method. Select it to require the connecting users to submit the corresponding credentials after passing the primary authentication(s), enhancing security in SSL VPN access.
Hardware ID: This is the unique identifier of a client-end computer. Each computer comprises some hardware components, such as NIC, hard disk, etc., which are unquestionably identified by their features that cannot be forged. SSL VPN client software can extract the features of some terminal hardware components and consequently generate the hardware ID. This hardware ID should be submitted to the Sangfor device and bound to the corresponding user account. Once the administrator approves the submitted hardware ID, the user can pass hardware ID-based authentication when accessing SSL VPN through a specified terminal(s). This authentication method helps to eliminate potential unauthorized access. As mentioned above, multiple users could use the same user account (public user account) to access SSL VPN concurrently. It is reasonable that a user account may bind to more than one hardware ID. That also means an end-user can use one account to log in to SSL VPN through different endpoints, as long as the user account is binding to the hardware IDs submitted by the user from those endpoints.
Click the Roles field to enter the Assigned Roles page, as shown below:
Click Add to enter the Select Role page, as shown below:
Select the checkbox next to the desired roles and click the OK button. The roles are added to the Assigned Roles page.
Click the OK button and name the assigned roles filled in the Roles field.
If the desired role is not found in the list, click Create + Associate to create a new role and associate with the user group. (The procedures of creating a role are the same as that in the Roles Adding section).
To remove a role from the list, select the role and click Delete.
To edit a role, select the role and click Edit.
{{ $t('index.defaultHeader.chromeBrowserTip') }}