Configuring The Firebox Ssl Vpn Gateway To Support Access To The Internal Network Resources - Watchguard SSL 1000 User Manual

Vpn gateway

Hide thumbs Also See for SSL 1000:

Setup manual (6 pages)

Hardware manual (31 pages)

Quick reference manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

Table of Contents

•

LDAP Server port. The port on which the LDAP server listens for connections. The default port

for LDAP connections is port 389.

•

LDAP Administrator Bind DN and LDAP Administrator Password. If the LDAP directory requires

applications to authenticate when accessing it, the administrator must know the name of the

user account that the Firebox SSL VPN Gateway should use for this authentication and the

password associated with this account.

•

LDAP Base DN. The base object of the directory (or level of the directory) where user names

are stored. All remote users must have a Person entry at this level of the directory. Some

example values are:

ou=Users,dc=ace,dc=com

cn=Users,dc=ace,dc=com

•

LDAP Server login name attribute. The attribute of an LDAP directory Person entry that

contains a user's name. The following table contains examples of the user name attribute

fields for different LDAP directories:

•

LDAP Group attribute - The attribute of a user's Person entry that lists the groups to which a

user belongs; for example, "memberOf." The LDAP Group attribute is used only for LDAP

authorization.

At this point, the administrator has completed all of the procedures needed to prepare for the

LDAP authentication and authorization configuration task. When this task is complete, the

administrator has the following information:

•

The specific network locations of all network resources that the remote Sales and Engineering

users must access

•

The names of the user groups in the LDAP directory that contain the Sales and Engineering

users who require remote access ("Remote Sales" and "Remote Engineers" in this example)

•

The specific LDAP directory information needed to configure the Firebox SSL VPN Gateway to

operate with the LDAP directory

With this information available, the administrator is now ready to configure the Firebox SSL VPN

Gateway to provide access to the internal network resources for the Sales and Engineering users.

Configuring the Firebox SSL VPN Gateway to Support Access to the Internal Network

Resources

Configuring the Firebox SSL VPN Gateway to support access to the internal network resources is the last

of two tasks the administrator performs in the scenario for configuring LDAP authentication and autho-

rization.

In this task, the administrator uses the information gathered in the previous task to configure the set-

tings in the Administration Tool that enable the remote users to access the internal network resources.

Administration Guide

Scenario 1: Configuring LDAP Authentication and Authorization

LDAP Server

Microsoft Active Directory

Server

Novell eDirectory

IBM Directory Server

Lotus Domino

Sun ONE directory (formerly

iPlanet)

User Attributes

sAM AccountName

uid

uid or cn

Case Sensitive

Yes

163

Table of Contents

Troubleshooting

This manual is also suitable for:

Ssl 500 Firebox ssl series

Configuring The Firebox Ssl Vpn Gateway To Support Access To The Internal Network Resources - Watchguard SSL 1000 User Manual

Troubleshooting

Related Manuals for Watchguard SSL 1000

Related Content for Watchguard SSL 1000

This manual is also suitable for:

Table of Contents