Radius Integration Guide Version 9



Similar documents
ADS Integration Guide

High Availability Configuration Guide Version 9

HTTP Client Installation Guide Version 9

Virtual LAN Configuration Guide Version 9

CORPORATE HEADQUARTERS Elitecore Technologies Ltd. 904 Silicon Tower, Off. C.G. Road, Ahmedabad , INDIA

Cyberoam Multi link Implementation Guide Version 9

CYBEROAM WINDOWS DOMAIN CONTROLLER INTEGRATION GUIDE VERSION:

Cyberoam Anti Spam Implementation Guide Version 9

CORPORATE HEADQUARTERS Elitecore Technologies Ltd. 904 Silicon Tower, Off. C.G. Road, Ahmedabad , INDIA

IPSec VPN Client Installation Guide. Version 4

Cyberoam IPSec VPN Client Configuration Guide Version 4

SSL VPN Client Installation Guide Version 9

Cyberoam Anti Virus Implementation Guide Version 9

SOFTWARE LICENSE LIMITED WARRANTY

Cyberoam Anti Spam Configuration Guide Version 9

Cyberoam Configuration Guide for VPNC Interoperability Testing using DES Encryption Algorithm

User Guide Version 9 Document version /03/2007

Cyberoam Anti Spam Implementation Guide Version 9

SSL VPN Management Guide Version 10

Version: 4.10 Build 010 Date: April, 2008

Thin Client Solution Installation Guide Version

Cyberoam Virtual Security Appliance - Installation Guide for XenServer. Version 10

User Guide Version 9.5.8

SOFTWARE LICENSE LIMITED WARRANTY DISCLAIMER OF WARRANTY RESTRICTED RIGHTS. Corporate Headquarters

Cyberoam Virtual Security Appliance - Installation Guide for VMware ESX/ESXi. Version 10

Product Release Information

Deploying Virtual Cyberoam Appliance in the Amazon Cloud Version 10

Unified Threat Management

Application Note. Intelligent Application Gateway with SA server using AD password and OTP

Self Help Guides. Create a New User in a Domain

axsguard Gatekeeper Internet Redundancy How To v1.2

Release Notes. Release Notes Information. Release Information. Release Date: 22nd September, 2011

Svn.spamsvn110. QuickStart Guide to Authentication. WebTitan Version 5

By the Citrix Publications Department. Citrix Systems, Inc.

Application Note. Citrix Presentation Server through a Citrix Web Interface with OTP only

Contents Notice to Users

SSL VPN User Guide Version 10

CITRIX SYSTEMS, INC. SOFTWARE LICENSE AGREEMENT

Defender 5.7. Remote Access User Guide

empower Authentication Manual, Version 3.7

Dell One Identity Cloud Access Manager How To Deploy Cloud Access Manager in a Virtual Private Cloud

VCCC Appliance VMware Server Installation Guide

Defender Delegated Administration. User Guide

Dell One Identity Cloud Access Manager How to Configure vworkspace Integration

INTEGRATION GUIDE. DIGIPASS Authentication for Cisco ASA 5505

4.0. Offline Folder Wizard. User Guide

Internet Redundancy How To. Version 8.0.0

How To - Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment

Dell One Identity Cloud Access Manager How to Configure for High Availability

Achieving PCI-Compliance through Cyberoam

Application Note. Gemalto s SA Server and OpenLDAP

Web Remote Access. User Guide

Dell One Identity Cloud Access Manager How to Configure Microsoft Office 365

Quick Connect Express for Active Directory

Installation Guide Supplement

Installing the IPSecuritas IPSec Client

Hyper-V Installation Guide. Version 8.0.0

Ektron CMS400.NET Virtual Staging Server Manual Version 7.5, Revision 1

SafeNet Authentication Service

Active Directory Change Notifier Quick Start Guide

MiSync Personal for Beams

Dell One Identity Cloud Access Manager How to Configure for SSO to SAP NetWeaver using SAML 2.0

Using Microsoft Active Directory Server and IAS Authentication

DameWare Server. Administrator Guide

BES10 Self-Service. Version: User Guide

DIGIPASS Authentication for Citrix Access Gateway VPN Connections

INTEGRATION GUIDE. DIGIPASS Authentication for F5 FirePass

Azure Multi-Factor Authentication. KEMP LoadMaster and Azure Multi- Factor Authentication. Technical Note

Configuring Microsoft RADIUS Server and Gx000 Authentication. Configuration Notes. Revision 1.0 February 6, 2003

Dell One Identity Cloud Access Manager Installation Guide

Symantec Event Collector 4.3 for Microsoft Windows Quick Reference

RSA Two Factor Authentication. Feature Description

HP A-IMC Firewall Manager

Administration Guide. SafeWord for Internet Authentication Service (IAS) Agent Version 2.0

EMC Data Domain Management Center

Microsoft Dynamics GP. Workflow Installation Guide Release 10.0

Dell One Identity Cloud Access Manager SonicWALL Integration Overview

formerly Help Desk Authority HDAccess Administrator Guide

Self Help Guides. Setup Exchange with Outlook

BlackBerry Enterprise Server. BlackBerry Administration Service Roles and Permissions Version: 5.0 Service Pack: 4.

DIGIPASS Authentication for GajShield GS Series

Copy Tool For Dynamics CRM 2013

HP IMC Firewall Manager

Remote Firewall Deployment

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

Dell Statistica Document Management System (SDMS) Installation Instructions

StoneGate SSL VPN Technical Note Adding Bundled Certificates

Configuring RADIUS Authentication for Device Administration

Testing and Restoring the Nasuni Filer in a Disaster Recovery Scenario

NCD ThinPATH Load Balancing Startup Guide

DIGIPASS as a Service. Google Apps Integration

How To Connect Checkpoint To Gemalto Sa Server With A Checkpoint Vpn And Connect To A Check Point Wifi With A Cell Phone Or Ipvvv On A Pc Or Ipa (For A Pbv) On A Micro

Setup and Configuration Guide for Pathways Mobile Estimating

User Guide for Paros v2.x

DME-N Network Driver Installation Guide for LS9

DIGIPASS Authentication for Check Point Connectra

Symantec Backup Exec Management Plug-in for VMware User's Guide

Installation Guide. Squid Web Proxy Cache. Websense Enterprise Websense Web Security Suite. v for use with

formerly Help Desk Authority Upgrade Guide

BlackBerry Enterprise Server Resource Kit BlackBerry Analysis, Monitoring, and Troubleshooting Tools Version: 5.0 Service Pack: 2.

Transcription:

Radius Integration Guide Version 9 Document version 9402-1.0-18/10/2006

2 IMPORTANT NOTICE Elitecore has supplied this Information believing it to be accurate and reliable at the time of printing, but is presented without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any products. Elitecore assumes no responsibility for any errors that may appear in this document. Elitecore reserves the right, without notice to make changes in product design or specifications. Information is subject to change without notice. USER S LICENSE The Appliance described in this document is furnished under the terms of Elitecore s End User license agreement. Please read these terms and conditions carefully before using the Appliance. By using this Appliance, you agree to be bound by the terms and conditions of this license. If you do not agree with the terms of this license, promptly return the unused Appliance and manual (with proof of payment) to the place of purchase for a full refund. LIMITED WARRANTY Software: Elitecore warrants for a period of ninety (90) days from the date of shipment from Elitecore: (1) the media on which the Software is furnished will be free of defects in materials and workmanship under normal use; and (2) the Software substantially conforms to its published specifications except for the foregoing, the software is provided AS IS. This limited warranty extends only to the customer as the original licenses. Customers exclusive remedy and the entire liability of Elitecore and its suppliers under this warranty will be, at Elitecore or its service center s option, repair, replacement, or refund of the software if reported (or, upon, request, returned) to the party supplying the software to the customer. In no event does Elitecore warrant that the Software is error free, or that the customer will be able to operate the software without problems or interruptions. Elitecore hereby declares that the anti virus and anti spam modules are powered by Kaspersky Labs and the performance thereof is under warranty provided by Kaspersky Labs. It is specified that Kaspersky Lab does not warrant that the Software identifies all known viruses, nor that the Software will not occasionally erroneously report a virus in a title not infected by that virus. Hardware: Elitecore warrants that the Hardware portion of the Elitecore Products excluding power supplies, fans and electrical components will be free from material defects in workmanship and materials for a period of One (1) year. Elitecore's sole obligation shall be to repair or replace the defective Hardware at no charge to the original owner. The replacement Hardware need not be new or of an identical make, model or part; Elitecore may, in its discretion, replace the defective Hardware (or any part thereof) with any reconditioned product that Elitecore reasonably determines is substantially equivalent (or superior) in all material respects to the defective Hardware. DISCLAIMER OF WARRANTY Except as specified in this warranty, all expressed or implied conditions, representations, and warranties including, without limitation, any implied warranty or merchantability, fitness for a particular purpose, non-infringement or arising from a course of dealing, usage, or trade practice, and hereby excluded to the extent allowed by applicable law. In no event will Elitecore or its supplier be liable for any lost revenue, profit, or data, or for special, indirect, consequential, incidental, or punitive damages however caused and regardless of the theory of liability arising out of the use of or inability to use the product even if Elitecore or its suppliers have been advised of the possibility of such damages. In the event shall Elitecore s or its supplier s liability to the customer, whether in contract, tort (including negligence) or otherwise, exceed the price paid by the customer. The foregoing limitations shall apply even if the above stated warranty fails of its essential purpose. In no event shall Elitecore or its supplier be liable for any indirect, special, consequential, or incidental damages, including, without limitation, lost profits or loss or damage to data arising out of the use or inability to use this manual, even if Elitecore or its suppliers have been advised of the possibility of such damages. RESTRICTED RIGHTS Copyright 2000 Elitecore Technologies Ltd. All rights reserved. Cyberoam, Cyberoam logo are trademark of Elitecore Technologies Ltd. Information supplies by Elitecore Technologies Ltd. Is believed to be accurate and reliable at the time of printing, but Elitecore Technologies assumes no responsibility for any errors that may appear in this documents. Elitecore Technologies reserves the right, without notice, to make changes in product design or specifications. Information is subject to change without notice CORPORATE HEADQUARTERS Elitecore Technologies Ltd. 904 Silicon Tower, Off. C.G. Road, Ahmedabad 380015, INDIA Phone: +91-79-26405600 Fax: +91-79-26407640 Web site: www.elitecore.com, www.cyberoam.com

Guide Sets Guide User Guide Console Guide Windows Client Guide Linux Client Guide HTTP Client Guide Analytical Tool Guide LDAP Integration Guide ADS Integration Guide PDC Integration Guide High Availability Configuration Guide Data transfer Management Guide Multi Link Manager User Guide VPN Management Cyberoam IDP Implementation Guide Cyberoam Anti Virus Implementation Guide Cyberoam Anti Spam Implementation Guide Describes Console Management Installation & configuration of Cyberoam Windows Client Installation & configuration of Cyberoam Linux Client Installation & configuration of Cyberoam HTTP Client Using the Analytical tool for diagnosing and troubleshooting common problems Configuration for integrating LDAP with Cyberoam for external authentication Configuration for integrating ADS with Cyberoam for external authentication Configuration for integrating PDC with Cyberoam for authentication Configuration for integrating RADIUS with Cyberoam for external authentication Configuration of High Availability (HA) Configuration and Management of user based data transfer policy Configuration of Multiple Gateways, load balancing and failover Implementing and managing VPN Configuring, implementing and managing Intrusion Detection and Prevention Configuring and implementing anti virus solution Configuring and implementing anti spam solution 3

4 Technical Support You may direct all questions, comments, or requests concerning the software you purchased, your registration status, or similar issues to Customer care/service department at the following address: Corporate Office elitecore Technologies Ltd. 904, Silicon Tower Off C.G. Road Ahmedabad 380015 Gujarat, India. Phone: +91-79-26405600 Fax: +91-79-26407640 Web site: www.elitecore.com Cyberoam contact: Technical support (Corporate Office): +91-79-26400707 Email: support@cyberoam.com Web site: www.elitecore.com Visit www.cyberoam.com for the regional and latest contact information.

Typographic Conventions Material in this manual is presented in text, screen displays, or command-line notation. Item Convention Example Server Client User Username Part titles Bold and shaded font typefaces Machine where Cyberoam Software - Server component is installed Machine where Cyberoam Software - Client component is installed The end user Username uniquely identifies the user of the system Report Topic titles Shaded font typefaces Introduction Subtitles Bold & Black typefaces Notation conventions Navigation link Bold typeface Group Management Groups Create it means, to open the required page click on Group management then on Groups and finally click Create tab Name of a particular parameter / field / command button text Cross references Lowercase italic type Hyperlink in different color Enter policy name, replace policy name with the specific name of a policy Or Click Name to select where Name denotes command button text which is to be clicked refer to Customizing User database Clicking on the link will open the particular topic Notes & points to remember Prerequisites Bold typeface between the black borders Bold typefaces between the black borders Note Prerequisite Prerequisite details 5

6 Overview Welcome to the Cyberoam s -. Cyberoam is an Identity-based UTM Appliance. Cyberoam s solution is purpose-built to meet the security needs of corporates, government organizations, and educational institutions. Cyberoam s perfect blend of best-of-breed solutions includes User based Firewall, Content filtering, Anti Virus, Anti Spam, Intrusion Detection and Prevention (IDP), and VPN. Cyberoam provides increased LAN security by providing separate port for connecting to the publicly accessible servers like Web server, Mail server, FTP server etc. hosted in DMZ which are visible the external world and still have firewall protection. Once you have installed and placed Cyberoam, you can monitor user activity in your Network based on the default policy. As Cyberoam monitors and logs user activity based on IP address, all the reports are generated based on IP address. To monitor and log user activities based on User names or logon names, you have to configure Cyberoam for integrating user information and authentication process. Integration will identify access request based on User names and generate reports based on Usernames. When the user attempts to access, Cyberoam requests a user name and password and authenticates the user's credentials before giving access. User level authentication can be performed using the local user database on the Cyberoam, an External ADS server, Windows Domain Controller, RADIUS, or LDAP server. To set up user database 1. Integrate ADS, Domain Controller, RADIUS or LDAP if external authentication is required. If your Network uses Active Directory Services, configure Cyberoam to communicate your ADS. Refer to ADS Integration Guide for more details. If your Network uses Windows Domain Controller, configure for Cyberoam to communicate with Windows Domain Controller.Refer to PDC Integration Guide for more details. If your Network uses LDAP, configure for Cyberoam to communicate with LDAP server. Refer to LDAP Integration Guide for more details. If your Network uses RADIUS server, configure for Cyberoam to communicate with RADIUS server. Refer to for more details. 2. Configure for local authentication. 3. Register user

RADIUS server RADIUS stands for Remote Authentication Dial In User Service and is a protocol for allowing network devices to authenticate users against a central database. In addition to user information, RADIUS can store technical information used by network devices such as protocols supported, IP addresses, telephone numbers, routing information, and so on. Together this information constitutes a user profile that is stored in a file or database on the RADIUS server. RADIUS servers provide authentication, authorization, and accounting functions but Cyberoam uses only the authentication function of the RADIUS server. Configuring Cyberoam to use RADIUS server Before you can use RADIUS authentication, you must have a functioning RADIUS server on the network. Select User Authentication Settings to open configuration page Screen RADIUS Integration Screen Elements Description Configure Authentication & Integration parameters Integrate with Select RADIUS as an authentication server Default Group Update button Add button If the user does not exist in Cyberoam but is already in RADIUS, Cyberoam automatically adds users into the default group on first logon. Allows to select default group for all users Click Default Group list to select Updates and saves the configuration Allows to add RADIUS server details Refer Add RADIUS Server for details Table RADIUS Integration screen elements 7

Add RADIUS Server Screen RADIUS Server configuration Screen Elements RADIUS Server Configuration Server Name Server IP Port Shared Secret Integration Type Test Connection button Add button Cancel button Description Specify name of the RADIUS Server Specify RADIUS Server IP Address Specify Port number over which RADIUS Server communicates Default port is 1812 Specify shared secret, which is to be used to encrypt information passed to Cyberoam Integration type is used in setting the user group membership Select Tight integration with cyberoam if want to use vendor specific attribute for setting the user group membership and specify Group name attribute Allows to check the connectivity of Cyberoam with RADIUS server Click to check Saves the server configuration Cancels the current operation Table RADIUS Server configuration screen elements Server Connectivity check Connection to RADIUS is enabled automatically during setup, but as RADIUS server is used for authenticating users it is necessary to check whether Cyberoam is able to connect to RADIUS or not. 8

9 Connectivity can be checked: 1. At the time of adding RADIUS server details Refer to Add RADIUS server for details on checking connectivity at the time of adding RADIUS server details. 2. After adding RADIUS server details Select User Authentication Settings and click RADIUS Server IP, which is to be tested for connection. Click Test Connection button.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information