: Device > Access Domain
Focus
Focus

Device > Access Domain

Table of Contents
End-of-Life (EoL)

Device > Access Domain

  • Device > Access Domain
Configure access domains to restrict administrator access to specific virtual systems on the firewall. The firewall supports access domains only if you use a RADIUS, TACACS+, or SAML identity server (IdP) server to manage administrator authentication and authorization. To enable access domains, you must define:
When an administrator attempts to log in to the firewall, the firewall queries the external server for the access domain of the administrator. The external server returns the associated domain and the firewall then restricts the administrator to the virtual systems that you specified in the access domain. If the firewall does not use an external server for authenticating and authorizing administrators, the DeviceAccess Domain settings are ignored.
On Panorama, you can manage access domains locally or by using RADIUS VSAs, TACACS+ VSAs, or SAML attributes (see Panorama > Access Domains).
Access Domain Settings
Description
Name
Enter a name for the access domain (up to 31 characters). The name is case-sensitive and must be unique. Use only letters, numbers, hyphens, underscores, and periods.
Virtual Systems
Select virtual systems in the Available column and Add them.
Access Domains are only supported on firewalls that support virtual systems.