manualshive.com logo in svg

Vasco aXsGUARD Gatekeeper AG-3000 Series, Быстрая установка, Страница: 45 / 48

Поделиться
Скачать
Vasco aXsGUARD Gatekeeper AG-3000 Series Скачать руководство пользователя страница 45

aXsGUARD Gatekeeper Authentication Quick Install Guide v1.6

 

RADIUS Server Configuration

9.2.3

RADIUS Server Authentication Policy

Once the aXsGUARD Gatekeeper RADIUS server has been configured as explained in section 

9.2.2

, the 

Authentication Policy to be used needs to be configured. An Authentication Policy determines the type of 
authentication enforced, e.g. DIGIPASS One-Time Password (OTP) and/or a Static Password.

For more information about Authentication Policies please refer to the 

aXsGUARD Gatekeeper

 

Authentication 

How To

, available through the permanently available 

Documentation

 button in the Administrator Tool.

To configure an Authentication Policy for the RADIUS server:

1.

Navigate to 

Authentication > Services

.

2.

Click on 

aXsGUARD Gatekeeper RADIUS Server

. A screen as shown below appears.

3.

Select

 the Authentication Policy, e.g. VASCO 

DIGIPASS

.

4.

Click on 

Update

 to save your settings.

With this configuration, all users authenticating on the RADIUS client (explained in section 

9.2

  

)

  

 must use a 

DIGIPASS OTP to authenticate. Other Authentication Policies and Methods are, of course, available. For more 
information, please refer to the 

aXsGUARD Gatekeeper Authentication

 

How

 

To

, accessible through the 

permanently available 

Documentation

 button in the Administrator Tool.

 

© 2009 - VASCO Data Security

 45

Image 34:

 Setting the Authentication Policy for the RADIUS Server

Содержание aXsGUARD Gatekeeper AG-3000 Series

Страница 1: ...aXsGUARD Gatekeeper Authentication Quick Install Guide...

Страница 2: ...ICABLE LAW SPECIFICALLY REQUIRES LIABILITY DESPITE THE FOREGOING EXCLUSIONS AND LIMITATIONS Intellectual Property and Copyright VASCO Products contain proprietary and confidential information VASCO Da...

Страница 3: ...twork 13 4 1 Overview 13 4 2 Powering on the aXsGUARD Gatekeeper 13 4 3 Connecting to your Network 15 4 4 Workstation TCP IP Settings 15 5 Accessing the Administrator Tool 17 5 1 Overview 17 5 2 Instr...

Страница 4: ...8 2 1 Automatic import 38 8 2 2 Manual import 39 8 3 DIGIPASS Device Testing 39 8 4 Assigning DIGIPASS Devices 40 8 5 Unassigning a DIGIPASS Device 41 8 6 Deleting DIGIPASS Records 41 9 RADIUS Server...

Страница 5: ...14 System General Screen 23 Image 15 System General Screen 24 Image 16 Network Devices Eth 26 Image 17 Network Devices Eth eth0 26 Image 18 Fixed IP Configuration IP Settings 27 Image 19 Network Gene...

Страница 6: ...f Tables Table 1 System General Fields 25 Table 2 Network Devices Eth eth0 Fields 27 Table 3 Users Groups Users Add User Fields 33 Table 4 Directory Services General 36 Table 5 Computer Settings 45 Ta...

Страница 7: ...server in your Local Area Network The document is intended for technical personnel and or system administrators In sections 1 2 and 1 3 we introduce the aXsGUARD Gatekeeper and VASCO In section 2 we...

Страница 8: ...d specific information you are searching for Other documents in the set of aXsGUARD Gatekeeper documentation include The aXsGUARD Gatekeeper Installation Guide which provides instructions on how to co...

Страница 9: ...e mail and Web access are managed by security policies which implement a combination of rules for example whether a user must use a DIGIPASS One Time Password in combination with a static password fo...

Страница 10: ...cord s into a socket which is properly grounded Before disconnecting the power supply turn the system off Use the exact type of network cable recommended to conform to certification restrictions only...

Страница 11: ...nditioning and UPS Uninterrupted Power Supply If the equipment is built into a server cupboard make sure there is sufficient ventilation Environmental requirements are Operating Temperature Range 10 t...

Страница 12: ...information before you start will help to speed up your installation an unused IP address in your network the Default Gateway setting in your network DNS Server IP address es for your network DNS Suff...

Страница 13: ...mation you need for installation listed in section 3 4 2 Powering on the aXsGUARD Gatekeeper Powering the aXsGUARD Gatekeeper on requires the following four steps 1 Connect the eth0 interface to the n...

Страница 14: ...keeper to a Network 2009 VASCO Data Security 14 Image 5 Example Stickers Labeling Interfaces on the aXsGUARD Gatekeeper AG 3XX4 Image 6 Example Stickers Labeling Interfaces on the aXsGUARD Gatekeeper...

Страница 15: ...es changing a client workstation IP address to within the specified IP address range for the aXsGUARD Gatekeeper During the first time configuration the aXsGUARD Gatekeeper IP address is modified to w...

Страница 16: ...is in good working order and correctly plugged into the device labeled eth0 on the aXsGUARD Gatekeeper and your network hub or switch see section 4 2 Once the workstation is correctly configured the...

Страница 17: ...nistrator Tool requires the steps described below 5 2 Instructions for Logging into the Administrator Tool 1 Enter the URL for the Administrator Tool into the browser https 192 168 250 254 82 Note 1 R...

Страница 18: ...Tool 3 Enter the default system administrator s Username and Password use lower case only Username sysadmin Password sysadmin Press Enter or click on the Log in button to proceed see image 10 2009 VAS...

Страница 19: ...anged as soon as you log on otherwise the appliance can be accessed by non authorized users 4 After a successful login the status screen is shown with a warning including a link to the screen where yo...

Страница 20: ...limited access This default user can only modify some general system parameters and add remove or modify users The first step is to add a new user with full administration privileges to further confi...

Страница 21: ...sGUARD Gatekeeper System Administration How To which is available via the Documentation button in the Administrator Tool 6 In the aXsGUARD Gatekeeper Administration tab select Full Administration 7 Cl...

Страница 22: ...dates features and developments After logging on enter the contact information as requested see image below Information for the Customer Dealer or preferably both needs to be entered The Dealer contac...

Страница 23: ...item while the sub menu is collapsed also displays the sub menu Some menu items such as Computers do not have sub menus Clicking on the minus sign closes collapses the sub menu of the selected item C...

Страница 24: ...n Update to finish Caution 1 Changing the default System Administrator sysadmin password is critical for security It should be changed as soon as you log on otherwise the appliance could be accessed b...

Страница 25: ...nal DNS server and is used whenever the aXsGUARD Gatekeeper sends an e mail to the administrator or the outside world For more information on the aXsGUARD Gatekeeper DNS please refer to the document a...

Страница 26: ...is to configure a network device The default secure LAN device is shown in section 4 2 To set up the Ethernet Secure LAN Device 1 Navigate to Network Devices Eth 2 Click on eth0 secure LAN The screen...

Страница 27: ...configured Upstream Downstream Bandwidth These settings should only be modified when using the Bandwidth Management feature Connection Settings Select the applicable option for your network If DHCP Cl...

Страница 28: ...on Add and Update to finish 6 7 2 Email Relay The aXsGUARD Gatekeeper proactively sends emails to the system administrator For emails to be sent from the aXsGUARD Gatekeeper requires an email relay se...

Страница 29: ...thods here 7 2 aXsGUARD Gatekeeper Users An aXsGUARD Gatekeeper user is a person who May authenticate with the aXsGUARD Gatekeeper is registered as a legitimate user on the system Has certain access r...

Страница 30: ...cally through synchronization with a Directory Server such as Microsoft Active Directory 7 4 1 Manually To create a new group 1 Navigate to Users Groups Groups 2 Click on Add new A screen similar to t...

Страница 31: ...irectory Server specific group settings on the aXsGUARD Gatekeeper These should be modified on the Directory Server 7 5 Creating and Modifying Users In this section we explain how to create and modify...

Страница 32: ...the user optional Password Enter and confirm a static password This must not be identical to the user name An error message appears if the password entered is not sufficiently secure For more informat...

Страница 33: ...tory Services such as the use of LDAP syntax user group templates and supported Directory back end servers please refer to the aXsGUARD Gatekeeper Directory Services How To which is available through...

Страница 34: ...aXsGUARD Gatekeeper Authentication Quick Install Guide v1 6 Users and Groups 2009 VASCO Data Security 34 Image 24 Directory Services Configuration Image 25 Active Directory Tree...

Страница 35: ...atically deletes users who no longer exist on the AD server Add user email addresses as aliases Imports the AD email addresses as aliases on the aXsGUARD Gatekeeper Add SMTP Proxy Addresses as email a...

Страница 36: ...eeper Directory Services How To available through the Documentation button in the aXsGUARD Gatekeeper Administrator Tool To view synchronized Active Directory users and groups 1 Navigate to Users Grou...

Страница 37: ...rted to the aXsGUARD Gatekeeper A DPX file can either be imported automatically or manually Both procedures are explained below 8 2 1 Automatic import When a set of aXsGUARD Gatekeeper DIGIPASS device...

Страница 38: ...is is required because encryption is used for transport 4 Click on Update to finish 5 To view the list of imported DIGIPASS records navigate to Authentication VASCO DIGIPASS DIGIPASS 8 3 DIGIPASS Devi...

Страница 39: ...ASS device needs to be assigned 3 Check the Has VASCO DIGIPASS option 4 Click on Select 5 Select the serial number for the DIGIPASS device to be assigned The serial number is printed on the back of th...

Страница 40: ...orted DIGIPASS records can be deleted by a system administrator see section 8 2 2 Automatically imported DIGIPASS records see section 8 2 1 can only be deleted by the VASCO back office A DIGIPASS reco...

Страница 41: ...entication Server in the LAN This means that custom applications running in your LAN DMZ or on your corporate gateway can relay authentication to the aXsGUARD Gatekeeper and support DIGIPASS authentic...

Страница 42: ...ADIUS client to the aXsGUARD Gatekeeper Computer list 1 Navigate to Computers 2 Click on Add new A screen as shown below appears 3 Enter the settings as explained in Table 5 The other aXsGUARD Gatekee...

Страница 43: ...Settings Field Description Computer Name Enter a name for the computer If an invalid name is provided an error message is displayed IP Address Enter the numeric address which identifies the computer...

Страница 44: ...6 Authentication Radius Clients Field Descriptions Field Description Name Provide a name ID for the new client An error message appears if an invalid name is entered Description Add a description for...

Страница 45: ...ntation button in the Administrator Tool To configure an Authentication Policy for the RADIUS server 1 Navigate to Authentication Services 2 Click on aXsGUARD Gatekeeper RADIUS Server A screen as show...

Страница 46: ...nfrastructures and network functions such as DHCP NAT DNS and Routing aXsGUARD Gatekeeper Authentication How To this document explains how to set up local and back end authentication using policies ru...

Страница 47: ...ed and reported in the Knowledge Base at the following URL http www vasco com support 2 If there is no solution in the Knowledge Base please contact the company which supplied you with the VASCO produ...

Страница 48: ...in Name 24 Domain Name Server 29 DPX file 38 E mail Addresses 22 25 Electrical Safety 10 Email Relay 29 Environmental Requirements Protection 10 11 Ethernet Secure LAN Device 26 Further Reading Config...

Отзывы:

Нет отзывов