Changing the Authentication Type of the Default Realm
66 Firebox SSL VPN Gateway
3On the Action menu, select Remove Default realm.
A warning message appears. Click Ye s .
4Under Add an Authentication Realm, in Realm name, type Default.
Note
Important: When creating a new Default realm, the word Default is case-sensitive and an uppercase D
must be used.
5 Do one of the following:
•
If configuring one authentication type, select One Source and click Add.
•
If configuring double-source authentication, select Two Source and click Add.
6In Authentication type, select the type of authentication and then click
OK.
7 Configure the authentication settings. For more information, see:
•
“Using a Local User List for Authentication” on page 63
• “Using LDAP Servers for Authentication and Authorization” on page 73
• “Using RADIUS Servers for Authentication and Authorization” on page 69
• “Using RSA SecurID for Authentication” on page 79
• “Using SafeWord for Authentication” on page 67
• “Configuring NTLM Authentication and Authorization” on page 83
Creating Additional Realms
You can create realms in addition to the Default realm. For example, you want the Default realm to be
used for authentication to an LDAP server. If you want to use additional authentication methods for
users, such as RADIUS, SafeWord, RSA SecurID, NTLM, or locally on the appliance, you can create
realms for each of these. When the user logs on to realms that are not the Default realm, they need to
type the realm name and their user name, such as realm name\user name.
Note
Note: Watchguard recommends that realm names map to their corresponding domain names. This
enables users to log on using either realm name\user name or user name@realm name.
To create a realm
1On the Authentication tab, under Add an Authentication Realm, in Realm name, type the name of
the realm.
2 Do one of the following:
If users have one authentication type, click One Source.
-or-
If users have two authentication types, click Two Source.
3Click Add.
4In Authentication type, select the authentication method, and click OK.
If you are configuring double-source authentication, in Primary
authentication type, select the type
that users will log on to first. In Secondary authentication type, select the type that users will log on to
second. For more information, see “Configuring Double-Source Authentication” on page 85.
5 Configure the settings for the realm and then click Submit.