Filter
Top Products
Administration Guide 65
Changing the Authentication Type of the Default Realm
To change a user’s password
1On the Access Policy Manager tab, right-click a user, and click Set Password.
2 Type the password twice and then click OK.
Using LDAP Authorization with Local Authentication
By default, the Firebox SSL VPN Gateway obtains an authenticated user’s group(s) from the local group
file stored on the Firebox SSL VPN Gateway. Alternatively, you can configure the Firebox SSL VPN Gate-
way to obtain an authenticated user’s group(s) from an LDAP server. If the user is not located on the
LDAP server, the Firebox SSL VPN Gateway checks its local group file.
To use LDAP authorization with local authentication
1 In the Firebox SSL VPN Gateway Administration Tool, click the Authentication tab.
2 Open the window for the realm that is configured for local authentication. This is the Default realm
unless the authentication type was changed.
3Click the Authorization tab.
4In Authorization Type, select LDAP Authorization.
5 Complete the information for the LDAP server.
For a description of LDAP server settings, see “Using LDAP Servers for Authentication and Authorization” on page
73. For information about looking up LDAP server settings, see “Determining Attributes in your LDAP Directory”
on page 78.
Changing the Authentication Type of the Default Realm
When a user logs on to the Default realm, the user does not have to specify a realm name. For any other
realm, the user must specify a realm name when logging on. Thus, if most users are logging on to a non-
local authentication realm, change the authentication type of the Default realm.
To change the authentication type of the Default realm, remove the Default realm and then immedi-
ately create a new one.
Configuring the Default Realm
The Firebox SSL VPN Gateway has a permanent realm named Default. The Default realm is preconfig-
ured for local authentication. If you want to change the authentication method of the Default realm, it
must be immediately replaced with a new Default realm.
The Default realm is assumed when a user enters only a user name when logging on to the Access Gate-
way. For any other realm, the user must specify a realm name when logging on. Thus, if most users are
logging on to a non-local authentication realm, change the authentication type of the Default realm.
To change the authentication type of the Default realm, remove the Default realm
and then immediately create a new realm with the appropriate authentication
configuration.
To remove and create a Default realm
1Click the Authentication tab.
2 Open the window for the Default realm.