External Ldap Servers - D-Link NetDefend DFL-210 User Manual

Network security firewall

8.2.4. External LDAP Servers

RADIUS with NetDefendOS
NetDefendOS acts as a RADIUS client, sending user credentials and connection parameter
information as a RADIUS message to a nominated RADIUS server. The server processes the
requests and sends back a RADIUS message to accept or deny them. One or more external servers
can be defined in NetDefendOS.
RADIUS Security
To provide security, a common shared secret is configured on both the RADIUS client and the
server. This secret enables encryption of the messages sent from the RADIUS client to the server
and is commonly configured as a relatively long text string. The string can contain up to 100
characters and is case sensitive.
RADIUS uses PPP to transfer username/password requests between client and RADIUS server, as
well as using PPP authentication schemes such as PAP and CHAP. RADIUS messages are sent as
UDP messages via UDP port 1812.
8.2.4. External LDAP Servers
Lightweight Directory Access Protocol (LDAP) servers can also be used with NetDefendOS as an
authentication source. This is implemented by the D-Link Firewall acting as a client to one or more
LDAP servers. Multiple servers can be configured to provide redundancy if any servers become
unreachable.
Setting Up LDAP Authentication
There are two steps to setting up user authentication with LDAP servers:
A. Define one or more user authentication LDAP server objects in NetDefendOS.
B. Specify a list of these LDAP server objects in a user authentication rule.
These two steps are described below.
A. Defining User Authentication LDAP Servers
One or more named LDAP server objects can be defined in NetDefendOS. These objects tell
NetDefendOS which LDAP servers are available and how to access them.
The following general parameters are used for configuration of each server:
Name
The name given to the server object for display purposes in NetDefendOS.
IP Address
The IP address of the LDAP server.
Port
The port number on the LDAP server that receives the client request, which is sent using
TCP/IP. The default port is 389.
Timeout
This is the timeout, in seconds, for user authentication attempts. If no response to a
request is received from the server after this time then the server will be considered to be
Chapter 8. User Authentication
