Configuring SecurID authentication
8Enter the value of the shared secret between the Firebox and the CRYPTOCard
server.
This is the key or client key in the “Peers” file on the CRYPTOCard server. This key is case sensitive and must be identical on the Firebox and the CRYPTOCard server for CRYPTOCard authentication to work.
9Click OK.
The Member Access and Authentication Setup dialog box closes, and the new authentication settings are saved.
10 Gather the IP address of the Firebox and the user or group aliases to be authenticated via CRYPTOCard. The aliases appear in the “From” and “To” listboxes in the individual services’ Properties dialog boxes.
On the CRYPTOCard server:
1Add the IP address of the Firebox where appropriate according to CRYPTOCard’s instructions.
2Take the user or group aliases from the service properties listboxes and add them to the group information in the CRYPTOCard configuration file. Only one group can be associated with each user.
The filter rules for CRYPTOCard user
For more information, consult the CRYPTOCard server documentation.
Configuring SecurID authentication
For SecurID authentication to work, the RADIUS and ACE/Server server must first be correctly configured. In addition, users must have a valid SecurID token and PIN number. Please see the relevant documentation for these products.
WatchGuard does not support the
From Policy Manager:
1Select Setup => Authentication.
The Member Access and Authentication Setup dialog box appears.
2Under Authentication Enabled Via, click the SecurID Server option.
3Click the SecurID Server tab.
You might need to use the arrow buttons in the
4Enter the IP address of the SecurID server.
5Enter or verify the port number used for SecurID authentication.
The default is 1645.
6Enter the value of the secret shared between the Firebox and the SecurID server.
The shared secret is case sensitive and must be identical on the Firebox and the SecurID server.
VPN Manager Guide | 91 |
