Quest Defender enhances security by enabling two-factor and multi-factor authentication for network, web and application-based resources.

This article describes how to configure Quest Defender to perform two-factor authentication of Global VPN Clients (GVC).

Defender installation involves installing the following components:
Defender Management Console: Installs MMC Snap-ins, Schema updates and a Defender OU in Active Directory Users and Computers.
Defender Security Server (DSS): Authenticates RADIUS and Defender Agent requests Access Nodes.

NOTE: The screenshots and configuration steps described here are from Defender version 5.7. Installation of the Quest Defender application is not covered here. Step-by-step instructions are described in the Defender 5.7 Installation Guide. For the purpose of this article, all components are installed on a Windows 2008 server with a trial Defender license and tokens.

Click on Defender Security Server on the Start menu to open the Defender Security Server Configuration window.
On the Active Directory LDAP tab, enter the IP address or hostname of the AD LDAP server.
Under Port, enter the LDAP port number: 389.
Under SSL Port, enter the LDAPS port number: 636.
Under Service Account Credentials, enter the DN of the user. In this example, a user called defender has been created with Domain Admin rights.
On the Test Connection tab, click on the Test button to test the connectivity between the DSS and the LDAP server.
In the Service tab, you can stop and restart the Defender Security Server service.

The Defender Management Console enables you to create and configure Defender Security Servers.

Open the Defender OU in Active Directory Users and Computers.
Right click and click on New and select Defender RADIUS Payload to create a new RADIUS Payload. The RADIUS Payload is information that is passed from the Defender Security Server to the Network Access Server where the user authentication attempt originated.

The security policy is assigned to a user, user group, access node or security server.
Navigate to the Defender | Policies page.
Right click and click on New and select Defender Policy to create a Defender Security Policy.
The authentication methods selected here are AD password and Token.
The Logon Attempts have been set here as 1; this can be changed.
For more information, see page 49 of the Defender 5.7 Configuration Guide.

Configure Defender Security Servers (DSS)

The Defender Security Server is the point in your network where user authentication is performed. If authentication is successful, the user is allowed access to the network.

Navigate to the Defender | Security Servers page.
Right click and click on New and select Defender Security Server to create a DSS.
The IP Address must be the IP Address of the machine where this Defender Security Server is located. In this example the DSS is the same as the management console.
The Defender Security Server (prompts) can be left as it is.
In the properties of the newly created DSS, click on the Policy tab and click on Select to select the Security Policy created earlier.
Click on the RADIUS Payload tab, click on Select to select the RADIUS Payload created earlier.
The indicator light located in the top left-hand corner of the Defender Security Server dialog box is red while the Defender Security Server is refreshing the data. When the Access Nodes have been assigned, a green light is displayed.
For more information, see page 82 of the Defender 5.7 Configuration Guide.

The Access Node is the point in your network where you need to challenge the user to verify their identity, for example, a firewall or VPN server. At the access node, the user will be prompted to enter their logon credentials. This may be a user ID, password and token authentication information. The access node sends the user's logon credentials to the Defender Security Server for authentication. If authentication is successful, the user is granted access to the network.

Navigate to the Defender | Access Nodes page.
Right click and click on New and select Defender Access Node to create a Defender Access Node.
Enter the IP address or DNS name of the SonicWall X0 interface.
Set Auth Port as 1812, which is the default RADIUS port.
In the properties of the newly created Access Node, under Node Type, select Radius Agent.
In the Shared Secret field, enter a secret. This must be identical to the Shared Secret in the SonicWall RADIUS configuration.