PingID Administration Guide

Configuring an accessing from countries rule (RADIUS PCV and SSH)

According to the country, determine which authentication action to prompt the user with on the machine that uses RADIUS PCV or SSH for access.

About this task

The country location is determined by the IP address of the accessing device and not by the IP address of the authentication device.

Steps

  1. From within the relevant policy, click Add Rule and from the Conditions list, select Accessing from countries. A screen capture of the + Add Rule button and list.

  2. From the Action list:

    Choose from:

    • Authenticate: Allows a user to authenticate using any of the authentication methods allowed at the policy level.

      If more than one authentication method is available, the method initiated by default is the method most recently paired by the user that is authenticating.

    • Deny: Denies access.

    • Select a specific authentication method. The options listed are defined by those configured at policy level. For a description of each authentication type, see Rule authentication actions.

    A screen capture of the Accessing from countries rule wizard displaying the Action and Countries configuration.
  3. From the Countries list, select the check box of each country to which you want the policy to apply.

    Option Description

    Search bar

    Use to search for a specific country, enter the country name or part of the name. Only countries whose name contains that string are displayed.

    Show Only Selected

    Use to show only the countries you have selected.

    Select All

    Use to select all countries.

  4. If you have more than one rule listed, from the Rules list, click and drag the new rule and place it in the order you want it to be considered. Click Save Order.

  5. Click Save.

Next steps

To ensure the policy is applied to your organization, go to PingID → Configuration and ensure Enforce Policy is set to Enabled.