Firebox and RSA

Status
Not open for further replies.

beppo

IS-IT--Management
Jul 9, 2003
3
DE
Hi,

Does anyone have a "how to implement a Firebox 2500 with RSA 5.0 server authentication for MUVPN authentication"?

I would like to implement it, but I don't find the right way how to handle the firewall on the server.
What do I have to do first?

Any suggestions are very welcome.
 
From WatchGuard's site:

For SecurID authentication to work, the RADIUS and ACE/Server servers must first be correctly configured. In addition, users must have a valid SecurID token and PIN number. Please see the relevant documentation for these products.

Note: WatchGuard does not support the third-party program Steel Belted RADIUS for use with SecurID. You should use the RADIUS program bundled with the RSA SecurID software. 

From Policy Manager:
1. Select Setup => Authentication Servers.
   The Authentication Servers dialog box appears.
2. Click the SecurID Server tab.
   You might need to use the arrow buttons in the upper-right corner of the dialog box to bring this tab into view.
3. Enter the IP address of the SecurID server.
4. Enter or verify the port number used for SecurID authentication.
   The default is 1645.
5. Enter the value of the secret shared between the Firebox and the SecurID server.
   The shared secret is case-sensitive and must be identical on the Firebox and the SecurID server.
6. If you are using a backup server, enable the Specify backup SecurID server checkbox. Enter the IP address and port number for the backup server.
7. Click OK.

On the RADIUS Server:
Add the IP address of the Firebox where appropriate according to the RADIUS server vendor.
Some RADIUS vendors may not require this. To determine if this is required for your implementation, check the RADIUS server vendor documentation.
Take the user or group aliases gathered from the service properties' listboxes and add them to the defined Filter-IDs in the RADIUS configuration file. For more information, consult the RADIUS server documentation.
For example, to add the groups Sales, Marketing, and Engineering, enter:
Filter-Id="Sales"
Filter-Id="Marketing"
Filter-Id="Engineering"

Note: The filter rules for RADIUS user filter-IDs are case sensitive.
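
Why the two case-sensitivity notes above matter, as an added example that is not part of the original post or of WatchGuard's documentation: it assumes the passcode travels in a standard RFC 2865 User-Password attribute, and shows that a secret differing only in case makes the server recover garbage, and that a Filter-Id differing only in case matches no alias. The secret, passcode, authenticator and function names are constructed for illustration.

```python
import hashlib

def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Client side: RFC 2865 section 5.2 User-Password hiding."""
    blocks = max(1, -(-len(password) // 16))      # at least one 16-byte block
    padded = password.ljust(blocks * 16, b"\x00")
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        mask = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ m for p, m in zip(padded[i:i + 16], mask))
        out += prev
    return out

def recover_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Server side: reverse the hiding with the server's own copy of the secret."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        mask = hashlib.md5(secret + prev).digest()
        out += bytes(c ^ m for c, m in zip(block, mask))
        prev = block
    return out.rstrip(b"\x00")

def matching_groups(filter_ids, firebox_aliases):
    """Case-sensitive comparison of returned Filter-Id values with the aliases."""
    return [f for f in filter_ids if f in firebox_aliases]

# Constructed sample values (not from the page).
AUTHENTICATOR = bytes(range(16))      # normally 16 random bytes per request
PASSCODE = b"4821" + b"193775"        # PIN followed by tokencode
FIREBOX_SECRET = b"Example-Secret"
ALIASES = {"Sales", "Marketing", "Engineering"}

if __name__ == "__main__":
    hidden = hide_password(PASSCODE, FIREBOX_SECRET, AUTHENTICATOR)
    for server_secret in (b"Example-Secret", b"example-secret"):
        seen = recover_password(hidden, server_secret, AUTHENTICATOR)
        verdict = "passcode intact" if seen == PASSCODE else "garbage, rejected"
        print(server_secret.decode(), "->", verdict)
    print(matching_groups(["Sales", "marketing"], ALIASES))
```

When authentication fails for every user, compare the secret on both sides character by character before looking at tokens or PINs.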
 
Hi,

Thank you very much for your help.
 