Home » Netgear Manuals » Networking » Netgear SSL312 » Manual Viewer

Netgear SSL312 SSL312 User Manual - Page 46

Troubleshooting Active Directory Authentication, Deleting a Domain

UPC - 606449046441

Add to My Manuals
Save this manual to your list of manuals

Page 46 highlights

NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual 8. Click Apply to update the configuration. Once the domain has been added, the domain displays in the table on the Domains screen Troubleshooting Active Directory Authentication If your users are unable to connect via Active Directory, verify the following: 1. The time settings between the Active Directory server and the SSL VPN Concentrator must be synchronized. Kerberos authentication, used by Active Directory to authenticate clients, permits a maximum of a 15-minute time difference between the Windows server and the client (the SSL VPN Concentrator). The easiest way to solve this issue is to configure Network Time Protocol on the Date and Time screen and check that the server's time settings are also correct. 2. Confirm that your Windows server is configured for Active Directory authentication. If you are using a Window NT 4.0 server, then your server only supports NT Domain authentication. Typically, Windows 2000 and 2003 servers are also configured for NT Domain authentication to support legacy Windows clients. Deleting a Domain To delete a domain, click the Delete link in the Domains table for the domain you wish to remove. Once the SSL VPN Concentrator has been updated, the deleted domain will no longer appear in the table in the Domains table. Note: The SSL VPN Concentrator "geardomain" domain cannot be deleted. 3-12 v1.1, November 2006 Authenticating Users

Section	Page
NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual	1
Contents	5
About This Manual	9
Conventions, Formats and Scope	9
Using This Manual	10
Printing this Manual	10
Revision History	12
Chapter 1 Introduction	13
About the ProSafe SSL VPN Concentrator 25	13
Key Features	13
Web Browser Requirements	14
What’s in the Box	15
Hardware Description	15
Front Panel	16
Back Panel	17
Steps for Deploying the SSL312	17
Chapter 2 Installing the SSL312	19
Choosing a Network Topology	19
Single Arm	19
Routing	20
Initial Connection to the SSL VPN Concentrator	21
Accessing the Management Interface	22
Configuring Basic Network Settings	24
Installing the SSL VPN Concentrator	26
Managing Certificates	26
Obtaining a Certificate from a Certificate Authority	27
Generating a Self-Signed Certificate	29
Uploading and Enabling the New Certificate	30
Viewing and Deleting Certificates	32
Steps for Further Configuration	33
Chapter 3 Authenticating Users	35
Authentication Domains	35
Local User Database Authentication	36
RADIUS and NT Domain Authentication	37
Configuring for RADIUS Domain Authentication	37
Configuring for NT Domain Authentication	39
LDAP Authentication	40
Sample LDAP Attributes	40
LDAP Attribute Rules	41
Sample LDAP Users and Attributes Settings	41
Querying an LDAP Server	42
Configuring for LDAP Authentication	42
Active Directory Authentication	44
Configuring for Windows Active Directory Authentication	44
Troubleshooting Active Directory Authentication	46
Deleting a Domain	46
Chapter 4 Setting Up User and Group Access Policies	47
Determine Your Requirements	47
Users, Groups and Global Policies	48
Global Policies	49
Editing Global Policy Settings	49
Adding and Editing Global Policies	50
Defining and Editing Global Bookmarks	52
Groups Configuration	52
Adding a New Group	53
Editing Group Settings	54
Defining and Editing Group Policies	55
Defining and Editing Group Bookmarks	57
Deleting a Group	58
Users Configuration	60
Adding a New User	60
Editing a User	62
Defining and Editing User Policies	64
Defining and Editing a User Bookmarks	65
Deleting a User	66
Using Network Resource Objects to Simplify Policies	66
Chapter 5 Configuring the Remote Access Web Portal	71
Portal Layouts	71
Portal Options	72
Adding Portal Layouts	72
Adding Terminal Services Applications to the Portal	76
Customizing the Banner	77
Duplicating and Editing Portal Layouts	78
Advanced Portal Page Layout Specifications	79
Creating a Guide to Using the Portal	80
Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding	81
Two Approaches for VPN	81
SSL VPN Client Configuration	82
Adding IP Address Ranges	83
Adding Routes for VPN Tunnel Clients	84
Configuring Applications for Port Forwarding	86
Configuring Host Name Resolution	87
Chapter 7 Additional System Configuration	89
Configuring Network Settings	89
Sample SSL VPN Concentrator Configuration	89
Network Interface Configuration	90
Network Route Configuration	92
Network Host Table Settings	94
Configuring DNS Settings	95
Setting Date and Time	96
System Configuration Utilities	98
Encrypting the Configuration File	99
Exporting and Saving a Backup Configuration File	99
Importing a Configuration File	100
Erasing the Configuration and Restoring the Default Settings	101
Upgrading the SSL VPN Concentrator Firmware	101
Additional Notes on the Management Interface	102
Chapter 8 Monitoring and Logging	103
SSL VPN Concentrator Status	103
Active Users	105
Event Log	106
Log Settings	107
Diagnostics	110
Appendix A Default Settings and Technical Specifications	111
Factory Default Settings	111
Technical Specifications	112
Appendix B Related Documents	113

Match case Limit results 1 per page

NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual

3-12

Authenticating Users

v1.1, November 2006

Click Apply to update the configuration. Once the domain has been added, the domain

displays in the table on the Domains screen

Troubleshooting Active Directory Authentication

If your users are unable to connect via Active Directory, verify the following:

The time settings between the Active Directory server and the SSL VPN Concentrator must be

synchronized. Kerberos authentication, used by Active Directory to authenticate clients,

permits a maximum of a 15-minute time difference between the Windows server and the client

(the SSL VPN Concentrator). The easiest way to solve this issue is to configure Network Time

Protocol on the

Date and Time

screen and check that the server's time settings are also

correct.

Confirm that your Windows server is configured for Active Directory authentication. If you

are using a Window NT 4.0 server, then your server only supports NT Domain authentication.

Typically, Windows 2000 and 2003 servers are also configured for NT Domain authentication

to support legacy Windows clients.

Deleting a Domain

To delete a domain, click the Delete link in the Domains table for the domain you wish to remove.

Once the SSL VPN Concentrator has been updated, the deleted domain will no longer appear in

the table in the Domains table.

Note:

The SSL VPN Concentrator

“geardomain” domain cannot be deleted.