8Chapter153AuthenticationAuthentication profilesAuthentication refers to the process of checking and verifying credentials of external usersbefore allowing them access to requested resources through the SEG. The resources could bepublic Internet access from an internal network, access to an internal server from an externaluser via VPN, or perhaps administrator access to the SEG itself.The SEG objects that control authentication are Authentication Profiles. Each profile defines aset of parameters for performing authentication. In particular, a profile defines theAuthentication Source, which could be an internal SEG database or an external database suchas a RADIUS server.To be useful, authentication profiles must be associated with other objects. For example, anIPsec interface can have a profile associated with it so that roaming clients that connectthrough the IPsec tunnel trigger the authentication described by the profile.An authentication profile has the following properties:• Agent TypeThis is the type of authentication that will be used. The choices are:• BASIC: This is the default and indicates standard username/password authentication.For example, the profile associated with the RemoteMgmtSSH object to allowadministration SSH access should have this type.• EAP: This option is used in I‐WLAN scenarios with IKEv2 IPsec tunnels.• Authentication SourceThis database used for authentication. The choices are:• Local user database(s)• RADIUS serverWhen using multiple sources, there are further options. The choices are:• Continue on no response from the source and try the next source in the profile.• Continue on failed validation and try validation with the next source in the profile. Bydefault, this option is deactivated.• Load balance using round‐robin. Each authentication source will be used sequentiallyby sequential triggers. By default, this option is deactivated.