Netgear SRX5308 SRX5308 Reference Manual - Page 230
Configuring Domains, Table 7-1., Authentication Protocols and Methods - active directory
UPC - 606449065145
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual

Configuring Domains

The domain determines the authentication method to be used for associated users. For SSL connections, the domain also determines the portal layout that is presented, which in turn determines the network resources to which the associated users have access.

The default domain of the VPN firewall is named geardomain. You cannot delete the default domain.

Table 7-1 summarizes the authentication protocols and methods that the VPN firewall supports.

Table 7-1. Authentication Protocols and Methods

Authentication Protocol or Method: Description (or Subfield and Description)

PAP: Password Authentication Protocol (PAP) is a simple protocol in which the client sends a password in clear text.

CHAP: Challenge Handshake Authentication Protocol (CHAP) executes a three-way handshake in which the client and server trade challenge messages, each responding with a hash of the other's challenge message that is calculated using a shared secret value.

RADIUS: A network-validated PAP or CHAP password-based authentication method that functions with Remote Authentication Dial In User Service (RADIUS).

MIAS: A network-validated PAP or CHAP password-based authentication method that functions with Microsoft Internet Authentication Service (MIAS), which is a component of Microsoft Windows 2003 Server.

WiKID: WiKID Systems is a PAP or CHAP key-based two-factor authentication method that functions with public key cryptography. The client sends an encrypted PIN to the WiKID server and receives a one-time pass code with a short expiration period. The client logs in with the passcode. See Appendix D, "Two-Factor Authentication," for more on WiKID authentication.

NT Domain: A network-validated domain-based authentication method that functions with a Microsoft Windows NT Domain authentication server. This authentication method has been superseded by Microsoft Active Directory authentication but is supported to authenticate legacy Windows clients.

Active Directory: A network-validated domain-based authentication method that functions with a Microsoft Active Directory authentication server. Microsoft Active Directory authentication servers support a group and user structure. Because the Active Directory supports a multilevel hierarchy (for example, groups or organizational units), this information can be queried to provide specific group policies or bookmarks based on Active Directory attributes.

Note: A Microsoft Active Directory database uses an LDAP organization schema.

7-2 Managing Users, Authentication, and Certificates
v1.0, April 2010
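
The CHAP entry in Table 7-1 can be made concrete with a short sketch of one challenge, response and result exchange. This is an added example, not code from the NETGEAR manual or firmware; it assumes the RFC 1994 form of CHAP (MD5 over identifier, shared secret and challenge, one direction only), and the secret value and the names `chap_response`, `Authenticator` and `run_handshake` are constructed for illustration.

```python
# Added example: RFC 1994 style CHAP (MD5), one direction of the handshake.
import hashlib
import hmac
import os

SHARED_SECRET = b"constructed-shared-secret"  # constructed sample value


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Peer side: MD5 over identifier octet, shared secret, then challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Server side: issues one-time challenges and checks responses."""

    def __init__(self, secret: bytes):
        self._secret = secret
        self._pending = {}  # identifier -> outstanding challenge
        self._next_id = 0

    def challenge(self):
        """Message 1: a fresh random challenge tagged with an identifier."""
        identifier = self._next_id
        self._next_id = (self._next_id + 1) % 256
        value = os.urandom(16)
        self._pending[identifier] = value
        return identifier, value

    def verify(self, identifier: int, response: bytes) -> bool:
        """Message 3: success or failure. Each challenge is accepted once."""
        value = self._pending.pop(identifier, None)
        if value is None:
            return False  # unknown or already-used challenge: replay rejected
        expected = chap_response(identifier, self._secret, value)
        return hmac.compare_digest(expected, response)


def run_handshake(client_secret: bytes):
    """Runs one exchange; returns (accepted, bytes the client put on the wire)."""
    server = Authenticator(SHARED_SECRET)
    identifier, value = server.challenge()                      # 1. Challenge
    response = chap_response(identifier, client_secret, value)  # 2. Response
    return server.verify(identifier, response), response        # 3. Result
```

With PAP the bytes on the wire would be the password itself; here they are a 16-byte digest that is valid only for the one challenge it answers.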