Configuring CRYPTOCard server authentication
On the RADIUS Server
Gather the IP address of the Firebox and the user or group aliases you want to authenticate using RADIUS. The aliases appear in the “From” and “To” listboxes for the individual services’ Properties dialog boxes.
1Add the IP address of the Firebox where appropriate according to the RADIUS
server vendor.
Some RADIUS vendors may not require this. To determine if this is required for your implementation, check the RADIUS server vendor documentation.
2Take the user or group aliases gathered from the service properties’ listboxes and
add them to the defined
For example, to add the groups Sales, Marketing, and Engineering enter:
Filter-Id=”Sales” Filter-Id=”Marketing” Filter-Id=”Engineering”
The filter rules for RADIUS user
For more information, consult the RADIUS server documentation.
Configuring CRYPTOCard server authentication
To add or remove services accessible by CRYPTOCard authenticated users, add the CRYPTOCard user or group in the individual service’s Properties dialog box, and the IP address of the Firebox on the CRYPTOCard authentication server.
From Policy Manager:
1Select Setup => Authentication.
The Member Access and Authentication Setup dialog box appears.
2Under Authentication Enabled Via, click the CRYPTOCard Server option.
3Click the CRYPTOCard Server tab.
You might need to use the arrow buttons in the
4Enter the IP address of the CRYPTOCard server.
5Enter or verify the port number used for CRYPTOCard authentication.
The standard is 624.
6Enter the administrator password.
This is the administrator password in the passwd file on the CRYPTOCard server.
7Enter or accept the time-out in seconds.
The
90
