Configuring your SSL VPN Firebox to authenticate to an Active Directory
In the above setup, the domain is fireboxsupport.com.
The LDAP server is 172.25.0.155.
The Administrator credentials are entered first (the LDAP location, then the password).
The server port is 3268.
The Administrator Bind DN is very standard and should work for everyone if you substitute your domain name:
CN=Administrator,CN=Users,DC=fireboxsupport,DC=com
Enter the Administrator password for the domain controller.
When the global catalog port of 3268 is used, you only need to define the Base DN where users reside.
In this case it is:
CN=Users,DC=fireboxsupport,DC=com
No other changes need to be made.
Submit the settings. Now you just need to make a user group with the SAME name as the domain group your users will be members of.
In this case the user group is “SSLVPN” on the domain controller.
This is all that you need. Now, when users log in, the SSL log will say that it logged them in and that it sees them as a member of group xxxx, which must match your group name in the user groups section.
(11/11/05 15:15:23): 0:ldapd: user [scarlson] is in the following LDAP groups: SSLVPN,Administrators
If you see a bind error, then your authentication server information is incorrect. Once the settings are correct and matching, you will not see any bind errors in the log when you submit the settings.
Now you just need to ensure that any user you want to allow access to is a member of this group.
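
To check the group-name match from the log rather than by eye, the following added example (not part of the original page or any WatchGuard tool) parses the ldapd line format shown above and reports whether each user's LDAP groups contain the Firebox user group. It assumes the name comparison is exact, so a name that differs only in case is reported separately; the function names and all sample lines except the first are constructed.

```python
import re

# Line format taken from the ldapd log line shown on this page.
LDAPD_RE = re.compile(
    r"^\((?P<ts>[^)]+)\):\s*\d+:ldapd: user \[(?P<user>[^\]]+)\] "
    r"is in the following LDAP groups:\s*(?P<groups>.*)$"
)

def parse_ldapd_line(line):
    """Return (timestamp, user, [groups]), or None if not a group report."""
    m = LDAPD_RE.match(line.strip())
    if not m:
        return None
    groups = [g.strip() for g in m.group("groups").split(",") if g.strip()]
    return m.group("ts"), m.group("user"), groups

def check_membership(lines, firebox_group):
    """Classify each reported user against the Firebox user group name.

    Assumption: the Firebox compares names exactly, so a group that
    differs only in case is flagged as a mismatch to fix, not a match.
    """
    results = {}
    for line in lines:
        parsed = parse_ldapd_line(line)
        if parsed is None:
            continue  # unrelated log line
        _, user, groups = parsed
        if firebox_group in groups:
            results[user] = "match"
        elif firebox_group.lower() in (g.lower() for g in groups):
            results[user] = "case-mismatch"
        else:
            results[user] = "not-in-group"
    return results

# Constructed sample: the first line is from the page, the rest are made up.
SAMPLE_LOG = [
    "(11/11/05 15:15:23): 0:ldapd: user [scarlson] is in the following LDAP groups: SSLVPN,Administrators",
    "(11/11/05 15:16:02): 0:ldapd: user [jdoe] is in the following LDAP groups: sslvpn,Sales",
    "(11/11/05 15:17:40): 0:ldapd: user [asmith] is in the following LDAP groups: Sales",
    "(11/11/05 15:18:00): 0:some other log line",
]

if __name__ == "__main__":
    for user, status in check_membership(SAMPLE_LOG, "SSLVPN").items():
        print(f"{user}: {status}")
```
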