D-Link DFL-210-WCF-12 Product Manual - Page 366
Authentication Rules, Important: The link to the LDAP server must be protected
UPC - 790069601545
View all D-Link DFL-210-WCF-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 366 highlights
8.2.5. Authentication Rules Chapter 8. User Authentication Figure 8.2. LDAP for PPP with CHAP, MS-CHAPv1 or MS-CHAPv2 Important: The link to the LDAP server must be protected Since the LDAP server is sending back passwords in plain text to NetDefendOS, the link between the NetDefend Firewall and the server must be protected. A VPN link should be used if the link between the two is not local. Access to the LDAP server itself must also be restricted as passwords will be stored in plain text. 8.2.5. Authentication Rules An Authentication Rule should be defined when a client establishing a connection through a NetDefend Firewall is to be prompted for a username/password login sequence. Authentication Rules are set up in a way that is similar to other NetDefendOS security policies, by specifying which traffic is to be subject to the rule. They differ from other policies in that the connection's destination network/interface is not of interest but only the source network/interface. Authentication Rule Parameters An Authentication Rule has the following parameters: • Authentication Agent The type of traffic being authenticated. This can one of: i. HTTP HTTP web connections to be authenticated via a predefined or custom web page (see the detailed HTTP explanation below). ii. HTTPS HTTPS web connections to be authenticated via a predefined or custom web page (also see the detailed HTTP explanation below). iii. XAUTH 366