Cisco Systems Advanced Configuration of the RVL200 Router: User Management and SSL VPN

NOTE: If your users are unable to connect via Active Directory, verify the following:

1.The time settings between the Active Directory server and the Router must be synchronized. Kerberos authentication, used by Active Directory to authenticate clients, permits a maximum of a 15-minute time difference between the Windows server and client (the Router).

2.Make sure yourWindows server is configured for Active Directory authentication. If you are using a Windows NT 4.0 server, then your server only supports NT Domain authentication. Windows 2000 and 2003 servers are also configured for NT Domain authentication to support legacy Windows clients.

Proceed to the “Edit User” section.

LDAP

LDAP

Server Address  Enter the IP address or domain name of the server.

LDAP BaseDN*  Enter the search base for LDAP queries. This is an example of a search base string: CN=Users,DC= yourdomain,DC=com. (Do not use quotation marks in this field.)

Proceed to the “Edit User” section.

Edit User

A list of users is displayed here.

User Name  This is the name of the user.

User Type  This is the type of user, User or Administrator.

Inactivity Timeout  This is the number of idle minutes permitted before a session will time out.

Config  Click Edit to change the user’s settings on the User Management screen.

To add a new user, click Add User. (The maximum number of users is 128.) The User Management screen appears.

Add a User to the Local User Database

Configure the following settings:

User Name  Enter the name the user will use to log into the SSL VPN Portal.

User Type  For users with Local User Database authentication, select User or Administrator. User types can only access the SSL VPN Portal, and Administrator types can access the Router’s web-based utility.

Password  For users with Local User Database authentication, enter the user’s password.

Confirm Password  For users with Local User Database authentication, re-enter the user’s password.

Inactivity Timeout  Enter the number of idle minutes permitted before the session times out and the login screen appears. The default for User type is 0, which disables the Inactivity Timeout feature. The default for Administrator type is 10 minutes.

Click Save Settings to save your changes, or click Exit to return to the User Management screen.

On the User Management screen, click Save Settings to save your changes, or click Cancel Changes to undo them.

SSL VPN > Virtual Passage

Define the IP address range for incoming Virtual Passage clients and establish an SSL VPN tunnel by Virtual Passage. Virtual Passage is a software application that enables remote users to securely connect to a remote network, as if they were on the local network.