Place for storing SSL VPN user information on the USG6000

6

The information is stored in userinfo.db and invisible to users.

Other related questions:
Where is the USG6000 firewall SSL VPN user information stored
Stored in userinfo.db, the user is not visible.

Locking out SSL VPN users on the USG6000
user-manager user user-name state block //Lock out users. state active //Cancel locking out users.

Manually importing SSL VPN users in batches on the USG6000
The procedure for manually importing users and user groups in batches on the USG6000 is as follows: 1. Prepare a CSV file and upload the CSF file to the memory of the NGFW. a. The CSV file can be obtained in the following ways: Export a CSV template from the local NGFW or other NGFWs. Fill in user information in the CSV template based on the required format. Choose Object > User > Import User > Local Import or Object > User > User/Group > Member Management > Import and download a CSV template. b Precautions (1) The file name extension of the CSV file is .csv. (2) During the import, if the current number of users reaches the maximum value, the import is suspended and imported users are not affected. If an attribute of a user in the CSV file is invalid, this user and subsequent users cannot be imported and imported users are not affected. (3) After the CSV file is imported successfully, user/group information is imported to the memory. The information is lost after the NGFW restarts. Therefore, save the configuration properly. (4) In two-node hot backup mode, users imported from a CSV file are not backed up from the primary device to the secondary device. Perform import on both the primary and secondary devices. 2. Run the following commands in the system view: user-manage user-import csv-file [ auto-create-group | override ] auto-create-group If the user group to which a user in the CSV file belongs does not exist on the NGFW, the NGFW automatically creates the user group during the import. Override If a user in the CSV file already exists on the NGFW, you can enable the NGFW to automatically update the attributes of this user based on the CSV file.

Importing SSL VPN users to the USG6000 from the server
The procedure for importing users and user groups from the server is as follows: You can import user, user group, and security group information on the server to the NGFW to reduce the manual operation workload. Prerequisites Before importing users, user groups, and security groups from the server, finish the following task: Configure the AD, Lightweight Directory Access Protocol (LDAP), or TSM server. Procedure: 1. Create an AD, LDAP, or TSM server import policy in the system view and access the server import policy view. user-manage import-policy policy-name from { ad | ldap | tsm } 2. Configure a server template. server template template-name The server template defines the parameters used by the NGFW to communicate with the AD, LDAP, or TSM server. The server template must exist and match the authentication server type specified in the server import policy. 3. Configure the start position for importing user, user group, and security group information from the authentication server. server basedn basedn The start position is composed of the server domain name and user group name. The format is: ou=level-N user group,…�?ou=level-2 user group,ou=level-1 user group,dc=level-N domain name,…�?dc=level-2 domain name,dc=level-1 domain name. 4. (Optional) Configure the import type. import-type { all | group | security-group | user | user-group | user-security-group } The import type can be: all: all information group: user group information security-group: security group information user: user information user-group: user and user group information user-security-group: user and security group information 5. (Optional) Configure the user group on the NGFW to which user and user group information is to be imported. destination-group group-name 6. Configure the security group on the NGFW to which user information is to be imported. destination-security-group security-group-name 7. (Optional) Configure the import interval. time-interval time-interval 8. (Optional) Allow users, user groups, and security groups on the authentication server to override those with the same name on the NGFW. import-override enable 9. (Optional) Configure filtering parameters. The filtering parameters take effect only to the AD and LDAP servers. Follow-up processing After creating a server import policy, run execute user-manage import-policy policy-name to import user, user group, and security group information on the server to the NGFW.

How does USG6000 freeze SSL VPN users
user-manager user user-name state block //freeze state active //To freeze

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top