Table of Contents
Advertisement
3
Next, the client certificate user must be authorized.
To authorize the client certificate:
1
Navigate to the Portals > Domains window and click the Configure icon for the domain to edit.
2
Select Enable group affinity checking.
3
Select one of the available domains from the drop-down list to designate as the Server.
4
Click Accept.
NOTE:
Only Active Directory or LDAP servers and domains are supported.
Configuring Two-Factor Authentication
Two-factor authentication is an authentication method that requires two independent pieces of information to
establish identity and privileges. Two-factor authentication is stronger and more rigorous than traditional
password authentication that only requires one factor (the user's password).
For more information on how two-factor authentication works see
44.
Dell SonicWALL's implementation of two-factor authentication either uses two separate RADIUS authentication
servers, or partners with two of the leaders in advanced user authentication: RSA and VASCO. If you are using
RSA, you must have the RSA Authentication Manager and RSA SecurID tokens. If you are using VASCO, you must
have the VASCO IdentiKey and Digipass tokens.
To configure two-factor authentication, you must first configure a RADIUS domain. For information see
or Editing a Domain with RADIUS Authentication
The following sections describe how to configure the supported third-party authentication servers:
•
Configuring the RSA Authentication Manager on page 186
•
Configuring the VASCO IdentiKey Solution on page 191
Configuring the RSA Authentication Manager
The following sections describe how to configure the RSA Authentication Manager version 6.1 to do two-factor
authentication with your SMA/SRA appliance:
•
Adding an Agent Host Record for the SMA/SRA Appliance on page 187
•
Adding the SMA/SRA Appliance as a RADIUS Client on page 187
•
Setting the Time and Date
•
Importing Tokens and Adding Users on page 189
NOTE:
This configuration procedure is specific to RSA Authentication Manager version 6.1. If you are using
a different version of RSA Authentication Manager, the procedure is slightly different.
If you are using VASCO instead of RSA, see
on page 180.
on page
188
Configuring the VASCO IdentiKey Solution on page
Two-Factor Authentication Overview
Dell SonicWALL Secure Mobile Access 8.5
Administration Guide
on page
Adding
191.
186
Advertisement
Chapters
Table of Contents
Troubleshooting
