ESET SECURE AUTHENTICATION. SonicWall SSL VPN Integration Guide



Similar documents
ESET SECURE AUTHENTICATION. Check Point Software SSL VPN Integration Guide

ESET SECURE AUTHENTICATION. Cisco ASA SSL VPN Integration Guide

ESET SECURE AUTHENTICATION. Cisco ASA Internet Protocol Security (IPSec) VPN Integration Guide

TechNote. Contents. Introduction. System Requirements. SRA Two-factor Authentication with Quest Defender. Secure Remote Access.

ESET SECURE AUTHENTICATION. API SSL Certificate Replacement

Two-Factor Authentication

Using different Security Policies on Group Level for AD within one Portal. SSL-VPN Security on Group Level. Introduction

Implementation Guide for. Juniper SSL VPN SSO with OWA. with. BlackShield ID

Dell SonicWALL and SecurEnvoy Integration Guide. Authenticating Users Using SecurAccess Server by SecurEnvoy

DIGIPASS Authentication for Cisco ASA 5500 Series

Keeping your VPN protected

Configuring Global Protect SSL VPN with a user-defined port

Configuring the Cisco ISA500 for Active Directory/LDAP and RADIUS Authentication

DESlock+ Basic Setup Guide ENTERPRISE SERVER ESSENTIAL/STANDARD/PRO

Configuring Internet Authentication Service on Microsoft Windows 2003 Server

Juniper Networks SSL VPN Implementation Guide

DIGIPASS Authentication for Check Point Connectra

Palo Alto Networks GlobalProtect VPN configuration for SMS PASSCODE SMS PASSCODE 2015

DIGIPASS Authentication for Sonicwall Aventail SSL VPN

BlackShield ID Agent for Remote Web Workplace

A brief on Two-Factor Authentication

External Authentication with Cisco ASA Authenticating Users Using SecurAccess Server by SecurEnvoy

Chapter 3 Authenticating Users

How To Integrate Watchguard Xtm With Secur Access With Watchguard And Safepower 2Factor Authentication On A Watchguard 2T (V2) On A 2Tv 2Tm (V1.2) With A 2F

External Authentication with Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

DIGIPASS Authentication for SonicWALL SSL-VPN

ESET SECURE AUTHENTICATION. Product Manual

Strong Authentication for Juniper Networks

Cox Managed CPE Services. RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft]

DIGIPASS Authentication for Citrix Access Gateway VPN Connections

ipad or iphone with Junos Pulse and Juniper SSL VPN appliance Authenticating Users Using SecurAccess Server by SecurEnvoy

Security Provider Integration RADIUS Server

HOTPin Integration Guide: DirectAccess

Integration Guide. Swivel Secure Authentication

VPN Configuration Guide SonicWALL with SonicWALL Simple Client Provisioning

For more information refer: UTM - FAQ: What are the basics of SSLVPN setup on Gen5 UTM appliances running SonicOS Enhanced 5.2?

External authentication with Fortinet Fortigate UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy

SonicWALL SSL VPN 3.5: Virtual Assist

Configuring Steel-Belted RADIUS Proxy to Send Group Attributes

SonicWALL Mobile Connect. Mobile Connect for OS X 3.0. User Guide

Agent Configuration Guide

Authentication Node Configuration. WatchGuard XTM

Identikey Server Getting Started Guide 3.1

Using SonicWALL NetExtender to Access FTP Servers

DIGIPASS Authentication for GajShield GS Series

NetMotion + YubiRADIUS Quick Start Guide

HOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services

External Authentication with Windows 2003 Server with Routing and Remote Access service Authenticating Users Using SecurAccess Server by SecurEnvoy

Integration Guide. Duo Security Authentication

VPN Configuration Guide SonicWALL with SonicWALL Simple Client Provisioning

Secret Server Qualys Integration Guide

DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication

Product Guide Addendum. SafeWord Check Point User Management Console Version 2.1

INTEGRATION GUIDE. DIGIPASS Authentication for Juniper SSL-VPN

MadCap Software. Upgrading Guide. Pulse

DIGIPASS Authentication for Check Point Security Gateways

How To Configure A Bomgar.Com To Authenticate To A Rdius Server For Multi Factor Authentication

Scan to Quick Setup Guide

F-SECURE MESSAGING SECURITY GATEWAY

Cisco ASA. Implementation Guide. (Version 5.4) Copyright 2011 Deepnet Security Limited. Copyright 2011, Deepnet Security. All Rights Reserved.

Configuration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Outlook Web Access 1.06

Borderware MXtreme. Secure Gateway QuickStart Guide. Copyright 2005 CRYPTOCard Corporation All Rights Reserved

BlackShield ID Agent for Terminal Services Web and Remote Desktop Web

Strong Authentication for Juniper Networks SSL VPN

External Authentication with Cisco VPN 3000 Concentrator Authenticating Users Using SecurAccess Server by SecurEnvoy

Borderware Firewall Server Version 7.1. VPN Authentication Configuration Guide. Copyright 2005 CRYPTOCard Corporation All Rights Reserved

Device LinkUP + Desktop LP Guide RDP

Workspot Configuration Guide for the Cisco Adaptive Security Appliance

Cisco VPN Concentrator Implementation Guide

Folder Proxy + OWA + ECP/EAC Guide. Version 2.0 April 2016

Introduction SSL-VPN. Creating and Installing Digital Certificates on SonicWALL SSL-VPN Appliances

Configuration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Internet Information Services (IIS)

External Authentication with CiscoSecure ACS. Authenticating Users Using. SecurAccess Server. by SecurEnvoy

ZyWALL OTP Co works with Active Directory Not Only Enhances Password Security but Also Simplifies Account Management

Establishing two-factor authentication with Barracuda NG Firewall and HOTPin authentication server from Celestix Networks

Step by Step Guide to implement SMS authentication to F5 Big-IP APM (Access Policy Manager)

DualShield. for. Microsoft TMG. Implementation Guide. (Version 5.2) Copyright 2011 Deepnet Security Limited

Configuring User Identification via Active Directory

Two Factor Authentication in SonicOS

Compiled By: Chris Presland v th September. Revision History Phil Underwood v1.1

ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access. Integration Handbook

Using Microsoft s CA Server with SonicWALL Devices

ZyWALL OTPv2 Support Notes

Cisco ASA Authentication QUICKStart Guide

MIGRATION GUIDE. Authentication Server

SSL VPN Portal Options

External Authentication with Checkpoint R75.40 Authenticating Users Using SecurAccess Server by SecurEnvoy

Dell SonicWALL Aventail Connect Tunnel User Guide

INTEGRATION GUIDE. DIGIPASS Authentication for Cisco ASA 5505

Integration Guide. SafeNet Authentication Service. VMWare View 5.1

Configuring SSL VPN on the Cisco ISA500 Security Appliance

OneLogin Integration User Guide

SecurEnvoy IIS Web Agent. Version 7.2

FortiAuthenticator Agent for Microsoft IIS/OWA. Install Guide

HOTPin Integration Guide: Google Apps with Active Directory Federated Services

Group Management Server User Guide

Juniper SSL VPN Authentication QUICKStart Guide

Using Microsoft Active Directory for Checkpoint NG AI SecureClient

Enterprise Security Interests Require SSL with telnet server from outside the LAN

Strong Authentication for Cisco ASA 5500 Series

Transcription:

ESET SECURE AUTHENTICATION SonicWall SSL VPN Integration Guide

ESET SECURE AUTHENTICATION Copyright 2013 by ESET, spol. s r.o. ESET Secure Authentication was developed by ESET, spol. s r.o. For more information visit www.eset.com. All rights reserved. No part of this documentation may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise without permission in writing from the author. ESET, spol. s r.o. reserves the right to change any of the described application software without prior notice. Customer Care Worldwide: www.eset.eu/support Customer Care North America: www.eset.com/support REV. 7/22/2013

Contents 1. 2. 3. 4. Overview...4 Prerequisites...4 Integration...5 instructions Troubleshooting...5

1. Overview This document describes how to enable ESET Secure Authentication (ESA) Two-Factor Authentication (2FA) for a SonicWall SRA VPN device. 2. Prerequisites Configuring the VPN device for 2FA requires: A functional ESA RADIUS server that has your SonicWall SSL VPN device configured as a client, as shown in Figure 1. Note: To prevent locking any existing, non-2fa enabled AD users out of your VPN, we recommend that you allow Active Directory passwords without OTPs during the transitioning phase. It is also recommended that you limit VPN access to a security group (for example VPNusers). A SonicWall SRA SSL-VPN Appliance. The supported appliances are: E-Class SRA Series SRA Series RA Series (although interfaces may differ from this guide, the same concepts will apply) Figure 1 This screenshot shows The RADIUS client settings for your SonicWall VPN device. Note that the check boxes next to Mobile Application, Compound Authentication and Active Directory passwords without OTPs must be selected and the IP Address is the internal address of your SonicWall appliance. 4

3. Integration instructions 1. Add a RADIUS Server: a. Using a web browser, Log into the SonicWall administrative interface. b. Navigate to Portal > Domain on the left. c. Click Add Domain. d. From the Authentication type drop-down menu, select Radius. e. Enter a descriptive name for the authentication domain in the Domain Name field, for example, ESA Radius. f. Under Primary Radius Server, enter the following details: i. Radius Server Address: The IP address of your ESA RADIUS server. ii. Radius server port: 1812 (or custom port if you are overriding). iii. Secret Password: As shown in Figure 1 iv.radius Timeout: 30 seconds v. Max retries: 2 vi.portal Layout Name: Select your portal layout. vii.optionally, add the details of a backup ESA RADIUS server. g. Click Add to update the configuration. The domain will be added to the Domain Settings table. 2. Testing the connection: a. Connect to your SSL-VPN using a user account that has been configured to use with Mobile Application 2FA using ESA. When prompted for a password, append the OTP generated by the Mobile Application to your AD password. For example, if the user has an AD password of Esa123 and an OTP of 999111, type in Esa123999111. 4. Troubleshooting If you are unable to authenticate via the ESA RADIUS server, ensure that you have performed the following steps: 1. If this is a new SonicWall VPN setup, try logging in without a WiKID one-time password before adding in two-factor authentication. This will make troubleshooting easier. 2. Run a smoke test against your RADIUS server, as described in the Verifying ESA RADIUS Functionality document. 3. Verify that RADIUS authentication is enabled on the SonicWall server: a. Navigate to the VPN window in the administrative interface and select the Configure tab. b. In the Security Association field,select GroupVPN. c. Select the check box next to Require XAUTH/RADIUS. 4. Verify that there is no firewall blocking UDP 1812 between your VPN device and your RADIUS server. 5. If you are still unable to connect, contact ESET technical support. 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information