You must specify details for a RADIUS, Active Directory, or LDAP server that resides on your LAN so that the Corente Services Gateway can communicate with the server to authenticate Mobile Users.
To configure authentication with a RADIUS server, do the following:
Navigate to the User Remote Access tab on the appropriate Location form.
Select Configure for the RADIUS Server option in the External Authentication Servers section.
Specify values for the following fields:
- IP Address
Specifies the IP address of the RADIUS server on your LAN. The IP address must exist in the Default User Group for the Corente Services Gateway.
- Port
Specifies the port where the Corente Services Gateway connects to the RADIUS server. The default value is
1831
.- Secret
Specifies the authentication secret that the Corente Services Gateway uses to connect to the RADIUS server.
- Confirm Secret
Validates the authentication secret.
- Timeout
Configures the amount of time, in seconds, that the Corente Services Gateway waits for the RADIUS server to respond when authenticating Mobile Users. The default value is
4
.- Retries
Configures the number of attempts the Corente Services Gateway makes to authenticate Mobile Users to the RADIUS server. The default value is
2
.- Login Prompt
Specifies a prompt that displays to Mobile Users to enter their user names. You can enter any text string with a maximum of 100 characters.
- Password Prompt
Specifies a prompt that displays to Mobile Users to enter their passwords. You can enter any text string with a maximum of 100 characters.
Select OK to save and close the RADIUS server configuration.
Select OK on the Location form to save your changes.
The following requirements apply to using Microsoft Active Directory (AD) servers for external authentication:
Server Message Block (SMB) signing is required. You must enable SMB signing on the AD server.
Mobile User names that you define in App Net Manager must match the user names that you define in AD.
Password expiration polices that you define in App Net Manager do not apply to user accounts in AD.
To configure authentication with a Microsoft Active Directory (AD) server, do the following:
Navigate to the User Remote Access tab on the appropriate Location form.
Select Configure for the LDAP Server option in the External Authentication Servers section.
Specify values for the following fields:
- IP Address
Specifies the IP address of the AD server on your LAN. The IP address must exist in the Default User Group for the Corente Services Gateway.
- NetBIOS Name
Specifies the NetBIOS identifier of the AD server on your LAN. You must specify the NetBIOS name if you specify an IP address.
- DNS Name
Specifies the domain name of the AD server on your LAN. The server must exist in the Default User Group for the Corente Services Gateway.
- User Name
Specifies the user name that the Corente Services Gateway uses to authenticate against the AD server.
This user account must be a member of the Account Operators group in the AD server.
- Password
Specifies the password that corresponds to the user name.
- Base
Specifies the distinguished name (DN) of the search base object in your directory.
Select OK to save and close the server configuration.
Select OK on the Location form to save your changes.
If your Corente Services network includes legacy versions of the Corente Client, you can maintain your LDAP configuration.
To maintain your legacy LDAP configuration, do the following:
Navigate to the User Remote Access tab on the appropriate Location form.
Select Configure for the LDAP Server option in the External Authentication Servers section.
Specify values for the following fields:
- IP Address
Specifies the IP address of the LDAP server on your LAN. The IP address must exist in the Default User Group for the Corente Services Gateway.
- NetBIOS Name
Specifies the NetBIOS identifier of the LDAP server on your LAN. You must specify the NetBIOS name if you specify an IP address.
- DNS Name
Specifies the domain name of the LDAP server on your LAN. The server must exist in the Default User Group for the Corente Services Gateway.
- Port
Specifies the port number that the Corente Services Gateway uses to connect to your LDAP server. The default value is
389
.- Backup LDAP Server
Specifies the location for a secondary, or failover, LDAP server on your LAN.
- User Name
Specifies the user name that the Corente Services Gateway uses to authenticate against the LDAP server.
- Password
Specifies the password that corresponds to the user name.
- Timeout
Configures the amount of time, in seconds, that the Corente Services Gateway waits for the LDAP server to respond when authenticating Mobile Users. The default value is
4
.- Base
Specifies the distinguished name (DN) of the search base object in your directory.
- Scope
Configures the starting point for directory queries. You can select one of the following:
Base queries the base object only.
One Level queries objects subordinate to the base object but does not include the base object.
Subtree queries the base object and entire subtree of the directory for which the base object is the highest object.
- Filter
Specifies entries to allow or exclude from directory queries.
- Attributes
Specifies attribute values to match in directory queries.
Select OK to save and close the RADIUS server configuration.
Select OK on the Location form to save your changes.