R3303-HP 6600/HSR6600 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR6602-XG TAA-compliant Router

421

422

423

424

425

426

427

428

429

430

409

Item Descri

tion

Authentication Mode

Select an authentication mode for LDAP authentication. Options include Password,

Password+Certificate, and Certificate.

User Group Attribute Specify the name of the user group attribute configured on the LDAP server.

Specify conditions to

query user DN

Select this option to query user DN by specified conditions, including the administrator

DN, password, search base DN, and search template.

Admin DN

Enter a user DN that has the administrator rights, which include the right to view the

Password

Enter a user password that has the administrator right and enter the password again to

confirm the password.

Confirm Password

Search Base DN Specify a search base DN.

Search Template Specify a search template.

Use a template to

query user DN

Select this option to query the user DN by a template.

User DN template Specify the user DN template to be used to query the user DN.

Configuring AD authentication

Active Directory (AD) is a directory service provided by Windows 2000 Server and later versions. It

saves information of objects on a network and allows administrators and users to query the information.

AD uses structured data storage, which is the basis of the directory information logical structure. The SSL

VPN system can cooperate with the existing AD server of an enterprise seamlessly to provide AD

authentication for users in the enterprise.

For successful AD authentication of a user, you must also configure the user information on the AD

authentication server, create user groups, and add the user to the user groups. Make sure the user groups

configured on the authentication server exist on the SSL VPN gateway. Otherwise, the user cannot log in.

The number of user groups that the gateway supports for a user is 100. Make sure the number of user

groups specified for a user on the authentication server is equal to or less than the limit.

1. Select VPN > SSL VPN > Domain Management > Authentication Policy from the navigation tree.

2. Click the AD Authentication tab. The LDAP authentication configuration page appears.

Figure 181 AD authentication

3. Configure the AD authentication settings as described in Table 44.