Watchguard Firebox X8000 Specifications download pdf (Page 21)

In the policy options configure it to use the right back-end server. This could be the

local database, but also active directory or another radius server.

This is probably the same that was in your Default Firebox authentication options

before you changed it. Or you use the local database, Windows or you go further to

another radius server.

In our example we select our newly made Firebox Policy and change it like this:

Main Settings

• Local auth.: Default (Digipass/Password)

• Back-End Auth.: Always

• Back-End Protocol: RADIUS

User Settings

• Dynamic User Registration: Default (Yes)

• Password Autolearn: Default (Yes)

• Stored Password Proxy: Default (Yes)

• Windows Group Check: No Check

Challenge Settings

• 2-Step Challenge Response None

After configuring this Policy, the authentication will happen in the back-end to a

RADIUS proxy Server (IAS in this case). So user credentials are passed through to the

VM, it will check these credentials with the IAS and will receive from IAS an Access-

Accept or Access-Reject message. This message will be forwarded to the Firebox. At

first we will use the “Response Only” method to authenticate.

Figure 28: VM

configuration (4)

Figure 29: VM

configuration (5)

Figure 27: VM

configuration (3)

DIGIPASS Authentication for WatchGuard Firebox - Integration Guideline V1.0

1 2 ... 16 17 18 19 20 21 22 23 24 25 26 ... 53 54

No comments

Watchguard Firebox X8000 Specifications Page 21