Table of Contents
Advertisement
Using RADIUS Authentication
Remote Access VPN Clients (a Check Point SecureClient, Check Point
SecuRemote
, or another Embedded NGX appliance).
To set up remote VPN access for a user
1. Enable your VPN
firewall as a VPN Server on page 303.
2. Add or edit the user, using the procedure Adding and Editing Users on page
361.
You must select the VPN Remote Access option.
U
sing RADIUS Authentication
You can use Remote Authentication Dial-In User Service (RADIUS) to
authenticate both NetDefend users and Remote Access VPN Clients trying to
connect to the NetDefend firewall.
Note: When RADIUS authentication is in use, Remote Access VPN Clients must
have a certificate.
When a user tries to log on to the NetDefend Portal, the NetDefend firewall s
the entered user name and password to the RADIUS server. The server then checks
whether the RADIUS database contains a matching user name and passw
If so, then the user is logged on.
By default, all RADIUS-authenticated users are assigned t
specified in the NetDefend Portal's RADIUS page. However, you can configure the
RADIUS server to pass the NetDefend firewall a specific set of permissions to
grant the authenticated user, instead of these default permissions. This is done by
co
nfiguring the RADIUS Vendor-Specific Attribu
containing perm
ission information for specific users. If the VSA is configured for a
user, then the RADIUS server passes the VS
the
response to the authentication req
permissions as specified in the VSA. If the VSA is not returned by the RADIUS
368
Server, using the procedure Setting Up Your NetDefend
uest, and the gateway assigns the user
he set of permissions
te (VSA) with a set of attributes
A to the NetDefend gateway as part of
D-Link NetDefend firewall User Guide
ends
ord pair.
Advertisement
Chapters
Table of Contents
Troubleshooting
