Administration Guide
65
Changing the Authentication Type of the Default Realm
To change a user’s password
1
On the
Access Policy Manager
tab, right-click a user, and click
Set Password.
2
Type the password twice and then click
OK
.
Using LDAP Authorization with Local Authentication
By default, the Firebox SSL VPN Gateway obtains an authenticated user’s group(s) from the local group
file stored on the Firebox SSL VPN Gateway. Alternatively, you can configure the Firebox SSL VPN Gate-
way to obtain an authenticated user’s group(s) from an LDAP server. If the user is not located on the
LDAP server, the Firebox SSL VPN Gateway checks its local group file.
To use LDAP authorization with local authentication
1
In the Firebox SSL VPN Gateway Administration Tool, click the
Authentication
tab.
2
Open the window for the realm that is configured for local authentication. This is the Default realm
unless the authentication type was changed.
3
Click the
Authorization
tab.
4
In
Authorization Type
, select
LDAP Authorization
.
5
Complete the information for the LDAP server.
For a description of LDAP server settings, see “Using LDAP Servers for Authentication and Authorization” on page
73. For information about looking up LDAP server settings, see “Determining Attributes in your LDAP Directory”
on page 78.
Changing the Authentication Type of the Default Realm
When a user logs on to the Default realm, the user does not have to specify a realm name. For any other
realm, the user must specify a realm name when logging on. Thus, if most users are logging on to a non-
local authentication realm, change the authentication type of the Default realm.
To change the authentication type of the Default realm, remove the Default realm and then immedi-
ately create a new one.
Configuring the Default Realm
The Firebox SSL VPN Gateway has a permanent realm named Default. The Default realm is preconfig-
ured for local authentication. If you want to change the authentication method of the Default realm, it
must be immediately replaced with a new Default realm.
The Default realm is assumed when a user enters only a user name when logging on to the Access Gate-
way. For any other realm, the user must specify a realm name when logging on. Thus, if most users are
logging on to a non-local authentication realm, change the authentication type of the Default realm.
To change the authentication type of the Default realm, remove the Default realm
and then immediately create a new realm with the appropriate authentication
configuration.
To remove and create a Default realm
1
Click the
Authentication
tab.
2
Open the window for the Default realm.
Summary of Contents for Firebox SSL Series
Page 1: ...WatchGuard Firebox SSL VPN Gateway Administration Guide Firebox SSL VPN Gateway ...
Page 40: ...Using the Firebox SSL VPN Gateway 30 Firebox SSL VPN Gateway ...
Page 118: ...Setting the Priority of Groups 108 Firebox SSL VPN Gateway ...
Page 146: ...Managing Client Connections 136 Firebox SSL VPN Gateway ...
Page 168: ...Generating Trusted Certificates for Multiple Levels 158 Firebox SSL VPN Gateway ...
Page 190: ...180 Firebox SSL VPN Gateway ...
Page 198: ...188 Firebox SSL VPN Gateway ...