Manualshelf

User guide

ManualsBrandsWatchguard ManualsComputer equipmentFirebox X1000
151152153154155156157158159160
Configuring CRYPTOCard Server Authentication
User Guide 137
7 Click OK.
8 Gather the IP address of the Firebox and the user or group aliases you
want to authenticate using RADIUS. The aliases appear in the From
and To listboxes for the individual services.
To configure the RADIUS server
1 Add the IP address of the Firebox where appropriate according to the
RADIUS server vendor.
Some RADIUS vendors may not require this. To determine if this is required for
your implementation, check the RADIUS server vendor documentation.
2 Take the user or group aliases gathered from the Add Address dialog
box from each service (double-click the service icon, select Incoming
and Allowed on the Incoming tab, and click Add) and add them to
the defined Filter-IDs in the RADIUS configuration file. For more
information, consult the RADIUS server documentation.
For example, to add the groups Sales, Marketing, and Engineering enter:
Filter-Id=”Sales”
Filter-Id=”Marketing”
Filter-Id=”Engineering”
N
OTE
The filter rules for RADIUS user filter-IDs are case sensitive.
Configuring CRYPTOCard Server Authentication
CRYPTOCard is a hardware-based authentication system that allows
users to authenticate by way of the CRYPTOCard challenge response
system which includes off-line hashing of passwords. It enables you to
authenticate individuals independent of the hosts they are on.
Configuring WatchGuard CRYPTOCard server authentication assumes
that you have acquired and installed a CRYPTOCard server according to
the manufacturer’s instructions, and that the server is accessible for
authentications to the Firebox.
To add or remove services accessible by CRYPTOCard authenticated
users, add the CRYPTOCard user or group in the individual service’s