ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Manage Users, Authentication, and VPN Certificates (page 306)
4. Click Apply to save your settings. The domain is added to the List of Domains table.
5. If you use local authentication, make sure that it is not disabled: in the Local Authentication section of the Domain screen (see Figure 201 on page 304), select the No radio button.
Table 76. Add Domain screen settings (continued)

Setting: Authentication Type (continued)
Description:
Note: If you select any type of RADIUS authentication, make sure that one or more RADIUS servers are configured (see RADIUS Client and Server Configuration on page 247).
• MIAS-PAP. Microsoft Internet Authentication Service (MIAS) PAP. Complete the following fields:
  - Authentication Server
  - Authentication Secret
• MIAS-CHAP. Microsoft Internet Authentication Service (MIAS) CHAP. Complete the following fields:
  - Authentication Server
  - Authentication Secret
• NT Domain. Microsoft Windows NT Domain. Complete the following fields:
  - Authentication Server
  - Workgroup
• Active Directory. Microsoft Active Directory. Complete the following fields, and make a selection from the LDAP Encryption drop-down list:
  - Authentication Server
  - Active Directory Domain
• LDAP. Lightweight Directory Access Protocol (LDAP). Complete the following fields, and make a selection from the LDAP Encryption drop-down list:
  - Authentication Server
  - LDAP Base DN

Setting: Select Portal
Description: The portal that is assigned to this domain and that is presented to the user to enter credentials. The default portal is SSL-VPN.

Setting: Authentication Server
Description: The server IP address or server name of the authentication server for any type of authentication other than authentication through the local user database.

Setting: Authentication Secret
Description: The authentication secret or password that is required to access the authentication server for RADIUS, WiKID, or MIAS authentication.

Setting: Workgroup
Description: The workgroup that is required for Microsoft NT Domain authentication.

Setting: LDAP Base DN
Description: The LDAP distinguished name (DN) that is required to access the LDAP authentication server. This should be a user in the LDAP directory who has read access to all the users that you would like to import into the VPN firewall. The Bind DN field accepts two formats:
• A display name in the DN format. For example: cn=Jamie Hanson,cn=users,dc=test,dc=com.
• A Windows login account name in email format. For example: [email protected]. This last type of bind DN can be used only for a Windows LDAP server.

Setting: Active Directory Domain
Description: The Active Directory domain name that is required for Microsoft Active Directory authentication.
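
The two bind DN formats listed under LDAP Base DN can be checked for syntax before a value is entered in the Add Domain screen. The Python sketch below is an added example, not NETGEAR code and not the firewall's own validation. The function names are hypothetical, the check is syntactic only, and quoted RDN values are not handled.

```python
import re

# Attribute type: short name (cn, dc, ou, ...) or dotted numeric OID.
_ATTR = re.compile(r"^(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)*)$")
# Simplified email-style login: one "@", no spaces, commas or "=" in the
# account part, dotted domain suffix. (Assumed shape, not a full UPN grammar.)
_UPN = re.compile(r"^[^@\s,=]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+$")


def split_rdns(dn):
    """Split a DN on commas that are not backslash-escaped."""
    parts, buf, i = [], [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            buf.append(dn[i:i + 2])  # keep the escape pair together
            i += 2
            continue
        if ch == ",":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
        i += 1
    parts.append("".join(buf))
    return parts


def classify_bind_dn(value):
    """Return 'dn', 'upn' (email format, Windows LDAP only) or 'invalid'."""
    value = value.strip()
    if not value:
        return "invalid"
    if _UPN.match(value):
        return "upn"
    for rdn in split_rdns(value):
        attr, sep, val = rdn.strip().partition("=")
        if not sep or not _ATTR.match(attr.strip()) or not val.strip():
            return "invalid"
    return "dn"
```

A result of 'upn' means the value fits only the second format, which the table restricts to a Windows LDAP server.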