Configuring Securid Authentication - Watchguard Firebox FireboxTM System 4.6 User Manual

Watchguard firebox system user guide
Hide thumbs Also See for Firebox FireboxTM System 4.6:
Table of Contents

Advertisement

8
Enter the value of the shared secret between the Firebox and the CRYPTOCard
server.
This is the key or client key in the "Peers" file on the CRYPTOCard server. This key is case
sensitive and must be identical on the Firebox and the CRYPTOCard server for CRYPTOCard
authentication to work.
9
Click OK.
The Member Access and Authentication Setup dialog box closes, and the new authentication
settings are saved.
10 Gather the IP address of the Firebox and the user or group aliases to be
authenticated via CRYPTOCard. The aliases appear in the "From" and "To"
listboxes in the individual services' Properties dialog boxes.
On the CRYPTOCard server:
1
Add the IP address of the Firebox where appropriate according to
CRYPTOCard's instructions.
2
Take the user or group aliases from the service properties listboxes and add them
to the group information in the CRYPTOCard configuration file. Only one group
can be associated with each user.
For more information, consult the CRYPTOCard server documentation.

Configuring SecurID authentication

For SecurID authentication to work, the RADIUS and ACE/Server server must first
be correctly configured. In addition, users must have a valid SecurID token and PIN
number. Please see the relevant documentation for these products.
From Policy Manager:
1
Select Setup => Authentication.
The Member Access and Authentication Setup dialog box appears.
Under Authentication Enabled Via, click the SecurID Server option.
2
3
Click the SecurID Server tab.
You might need to use the arrow buttons in the upper-right corner of the dialog box to bring this
tab into view.
4
Enter the IP address of the SecurID server.
5
Enter or verify the port number used for SecurID authentication.
The default is 1645.
6
Enter the value of the secret shared between the Firebox and the SecurID server.
The shared secret is case sensitive and must be identical on the Firebox and the SecurID server.
VPN Manager Guide
The filter rules for CRYPTOCard user Filter-IDs are case-sensitive.
WatchGuard does not support the third-party program Steel Belted RADIUS
for use with SecurID. Customers should use the RADIUS program bundled
with the RSA SecurID software.
Configuring SecurID authentication
91

Advertisement

Table of Contents
loading

Related Products for Watchguard Firebox FireboxTM System 4.6

Table of Contents