5. Procedure – Using the Authentication Agent (AA)

Purpose: 

When the user launches an application that requires authentication (for example, a web browser, e-mail client, and so on) the PNS firewall automatically displays the authentication client on the user's screen.

The client displays the name of the service requiring authentication (intra_http in the above example), and — provided that the administrator enabled it — further details of the connection (for example, destination IP address).

Steps: 

  1. To save your credentials so that the client will fill the username and password automatically for later authentication attempts, select Save session if done. For details on configuring password storage period length and deleting a prevously saved password, see Procedure 6, Configuring Authentication Agent preferences (Windows).

    To cancel the authentication at any time, click Abort.

    >
    The Authentication Agent

    Figure 19. The Authentication Agent

  2. Enter your username in the Enter your user name field and click Next.

  3. Select the authentication method to use from the Select authentication method list. The list displays only the methods that are available for this user.

    Selecting authentication method

    Figure 20. Selecting authentication method

    • To authenticate with a password, select Password authentication.

    • To use Kerberos authentication, select GSSAPI authentication.

      Note

      When using Kerberos authentication the authentication client is not displayed if you have configured Automatic Kerberos authentication in Preferences. For details, see Procedure 6, Configuring Authentication Agent preferences (Windows).

    • To authenticate with an X.509 certificate, select X.509 certificate.

  4. Provide the information required for the selected authentication method. For example, for Password authentication, enter your password.

    Entering the password

    Figure 21. Entering the password

    Note

    After successful authentication, the window of the authentication client is closed automatically, and the connection to the target server is established. If the authentication fails, the client displays an error message.