Procedure); Configuring If-Map Session Export Policy On The Secure Access Device (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01 Manual
Configuring secure access devices guide
Hide thumbs
Also See for NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01:
- Manual (444 pages) ,
- Administration manual (1026 pages) ,
- Installation manual (244 pages)
Table of Contents
Advertisement
Related
Documentation
Configuring IF-MAP Session Export Policy on the Secure Access Device (NSM
Procedure)
Copyright © 2010, Juniper Networks, Inc.
To configure IF-MAP client settings on the Infranet Controllers or SA appliances that will
be IF-MAP clients:
In the NSM navigation tree, select Device Manager > Devices. Click the Device Tree
1.
tab, and then double-click the Secure Access device for which you want to configure
IF-MAP client settings.
Click the Configuration tab. In the configuration tree, select System > IF–MAP
2.
Federation > Overview.
From the IF-MAP Configuration list, select IF-MAP Client.
3.
Type the server URL for the IF-MAP Web service on the IF-MAP server. For a Juniper
4.
IF-MAP server, use:
https://<FQDN>/dana-ws/soap/ifmap
FQDN is the fully qualified domain name of the replica's internal or external interface;
for a cluster, the FQDN of the internal or external VIP should be used.
Under Authentication Type, select the Client Authentication Method: Basic or
5.
Certificate.
If you select Basic, enter a username and password. The same information should
be added to the IF-MAP server.
If you select Certificate, choose which Certificate Authority (CA) to use to verify
the certificate for this client. Optionally, specify certificate attributes or restrictions
to require values for certain client certificate attributes.
Ensure that the certificate of the CA that signed the IF-MAP server certificate is
added from the System > Configuration > Certificates > Trusted Server CAs page.
The IF-MAP client validates the IF-MAP server certificate: if validation fails, the
connection fails. Ensure that the hostname in the IF-MAP URL on the client machine
matches the hostname of the server certificate on the IF-MAP server, and that the
CA that signed the server certificate is configured as a trusted server CA on the
IF-MAP client.
Click OK to save the changes.
6.
Configuring IF-MAP Session Export Policy on the Secure Access Device (NSM Procedure)
on page 285
Configuring IF-MAP Servers (NSM Procedure) on page 283
Session-export policies determine how users are identified on the IF-MAP server when
their session is published through IF-MAP. The session-export policy sets the IF-MAP
identity.
Chapter 20: Configuring IF-MAP Federation Settings
285
Advertisement
Chapters
Table of Contents
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SECURE ACCESS DEVICES GUIDE REV 01 and is the answer not in the manual?
Questions and answers