Administration Guide 61
CHAPTER 5 Configuring Authentication and
Authorization
The Firebox SSL VPN Gateway supports several authentication types including LDAP, RADIUS, RSA Secu-
rID, NTLM, and Secure Computing’s SafeWord products.
The following topics describe how to configure Firebox SSL VPN Gateway
authentication:
• Choosing When to Configure Authentication on the Firebox SSL VPN Gateway
• Configuring Authentication on the Firebox SSL VPN Gateway
• Configuring Local Authentication
• Configuring Local Users
• Configuring LDAP Authentication and Authorization
• Configuring RADIUS Authentication and Authorization
• Configuring RSA SecurID Authentication
• Configuring Secure Computing SafeWord Authentication
• Configuring NTLM Authentication and Authorization
• Configuring Double-Source Authentication
Configuring Authentication and Authorization
By default the Firebox SSL VPN Gateway authenticates users against a user list stored locally on the Fire-
box SSL VPN Gateway.
You can configure the Firebox SSL VPN Gateway to use LDAP, RADIUS, RSA
SecurID, SafeWord, or NTLM (Windows NT 4.0) authentication servers. The Firebox SSL VPN Gate-
way supports realm-based authentication to accommodate sites with more than one LDAP or RADIUS
server or with a combination of SafeWord, LDAP, RADIUS, NTLM, and/or RSA SecurID authentication
servers.
