Applies To:Show Versions
Authentication in Access Policy Manager
Access Policy Manager® provides several benefits when it comes to authenticating and authorizing your users.
|Policy component||Administrators are able to add various types of supported authentication methods as basic components to their access policy.|
|Flexibility||Administrators can combine multiple authentication mechanisms in an arbitrary manner for a single access policy.|
|Performance||Administrators should see high optimization (approximately 250 logins/sec.).|
|Extensible||Administrators can configure an access policy to retrieve user's credentials from multiple sources (for example, client certificate fields) as input to an authentication subsystem.|
|Customizable input||Administrators can customize login page input and add the customized login page to their access policy.|
|Generic output||Administrators can use the results from an authentication subsystem as input for various other functionality, for instance, resource assignments.|
These illustrations depict the use of authentication as an access policy component. They also show how various authentication schemas are combined together within a single access policy, and the result from authentication is used for assigning the appropriate resources to a user.
About AAA traffic and route domains
To use route domains for AAA authentication traffic, you must use the pool option in the AAA server configuration. When Use Pool is the selected Server Connection option, the server address field can take an IP address with route domain (IPAddress%RouteDomain) format. The route domain value is ignored when the AAA server is configured in direct option.