Solved

User LDAP authentication for SSG20 for VPN login

Posted on 2010-01-13
Last Modified: 2012-05-08
Greetings,

I have a Juniper SSG20 firewall with VPN and we are using the NetScreen application. Could someone advise how to integrate this with LDAP so that users don't have to carry multiple login IDs?

Currently I have set up the VPN to use IKE and XAuth.

Help is highly appreciated.
Question by:junaidIT

Accepted Solution

by:
Qlemo earned 750 total points
ID: 26312917
I recommend reading Concepts & Examples, Vol. 9: User Authentication, and http://kb.juniper.net/KB4183 ("Configuring the Juniper Firewall Device Side VPN With XAuth").

You will (probably) have to assign IP Pool, DNS and WINS manually like with the local Auth, but since you have done that already, that should be no problem.

I could not get it to work yet, as I was not able to define the LDAP server at all. But please try yourself. I am interested in the result, as I'm still working with Local Auth, and would like to extend it to Domain LDAP.

Author Comment

by:junaidIT
ID: 26511476
Sorry for the late reply. Will check that out and let you know the results.

Author Comment

by:junaidIT
ID: 26570872
Got a query. Do I need to create any policy for the authentication to happen? My LDAP server is also my domain controller.

Expert Comment

by:Qlemo
ID: 26571027
No, I suppose not, as the LDAP traffic is not crossing zones (it remains in Trust).

Author Comment

by:junaidIT
ID: 29322860
Kindly abandon this question.

Expert Comment

by:Qlemo
ID: 29325792
Inappropriate closure. It does not make sense to accept your last comment, since it is no solution.

You can either
  • delete the question with refund - if no one helped you. I don't think that is the case.
  • accept an answer - if not fully covering, with a Grade "B"; if complete, Grade "A". You can also give part of the points only.
  • post your closure reason as a comment, and accept that. If it was the solution, then it should be done this way. Could you be more specific about what you changed? Another EE user might find that info valuable.

Author Closing Comment

by:junaidIT
ID: 31676616
Please have the question closed and points assigned. The solution definitely provided guidance on what needs to be done; however, unfortunately the device just blew up and we decided to go with another product.

Thank you for your help and apologies for any inconvenience caused.