Configuring remote access

Use the Remote Access page for the Network IPS appliance to configure servers for remote authentication.

About this task

Navigating in the Network IPS Local Management Interface: Manage System Settings > Appliance Access > Remote Access

Navigating in the SiteProtector™ system: select the Authentication Servers policy

Procedure

  1. Click the Add icon.
  2. In the Add Authentication Servers window, configure the following options:
    Note: The configuration options change depending upon the Authentication Server you choose.
    Option Description
    Server Alias Name Specifies the name of the server.
    Authentication Server Specifies the type of authentication server: Radius, LDAP, or Active Directory.
    Basic Configuration
    Enable SSL (LDAP and Active Directory) Enables the appliance to use the SSL protocol to communicate with the server.
    Default Search Base (LDAP and Active Directory) Specifies the default search base DN (Distinguished Name).
    • LDAP example: ou=people,dc=localdomain
    • Active Directory example: cn=Users,dc=localdomain,dc=com
    Server IP Address Specifies the IP address of the server.
    Port Number Specifies the port of the server.
    Server Timeout (sec) Specifies, in seconds, the maximum time range that the server tries to authenticate.
    Advanced Configuration (Radius)
    Retry count Specifies the maximum number of times that the server tries to authenticate.
    Password Specifies the authentication password.
    Confirm Password Confirms the authentication password.
    Server Bind Configuration (LDAP and Active Directory)
    Server Bind DN Specifies the DN (Distinguished Name) that the appliance binds to the server with.
    • LDAP example: cn=admin,dc=localdomain
    • Active Directory example: cn=admin,cn=Users,dc=localdomain
    Password Specifies the authentication password.
    Confirm Password Confirms the authentication password.
    Login Attribute Name Specifies the user ID attribute that the server searches for during authentication.
    • LDAP example: uid
    • Active Directory example:sAMAccountName
    Group Member Attribute Specifies the group member attribute that the server searches within to find the attribute name.
    • LDAP example: adminuser
    • Active Directory example: msSFU30PosixMember
    NSS Group Configuration (LDAP and Active Directory)
    NSS Search Base Specifies the NSS (Name Service Switch) that includes name service information, such as hosts, users, groups, and netgroups.
    • LDAP example: ou=people,dc=localdomain
    • Active Directory example: cn=Users,dc=localdomain,dc=com
    Search Scope Specifies the scope for the default search base, such as sub (subtree), one (one level), or base (base object).
    Search Filter Specifies filter criteria that directs PAM (Protection Analysis Module) to access accounts that match only specified attributes.
    • LDAP example: objectclass=posixAccount
    • Active Directory example: objectclass=user
Parent topic: Configuring appliance access