>
    Configure Local Database Authentication
    Focus
    Download PDF
    Focus
    1. Home
    2. PAN-OS
    3. Authentication
    4. Configure Local Database Authentication
    Download PDF

    Configure Local Database Authentication

    Table of Contents
    End-of-Life (EoL)

    Configure Local Database Authentication

    You can configure a user database that is local to the firewall to authenticate administrators who access the firewall web interface and to authenticate end users who access applications through Authentication Portal or GlobalProtect. Perform the following steps to configure Local Authentication with a local database.
    External Authentication Services are usually preferable to local authentication because they provide the benefit of central account management.
    You can also configure local authentication without a database, but only for firewall or Panorama administrators.
    1. Add the user account to the local database.
      1. Select DeviceLocal User DatabaseUsers and click Add.
      2. Enter a user Name for the administrator.
      3. Enter a Password and Confirm Password or enter a Password Hash.
      4. Enable the account (enabled by default) and click OK.
    2. Add the user group to the local database.
      Required if your users require group membership.
      1. Select DeviceLocal User DatabaseUser Groups and click Add.
      2. Enter a Name to identify the group.
      3. Add each user who is a member of the group and click OK.
    3. Configure an authentication profile.
      The authentication profile defines authentication settings that are common to a set of users. Set the authentication Type to Local Database.
    4. Assign the authentication profile to an administrator account or to an Authentication policy rule for end users.
    5. Verify that the firewall can Test Authentication Server Connectivity to authenticate users.

    © 2024 Palo Alto Networks, Inc. All rights reserved.