Manuals database logo
manualsdatabase
Your AI-powered manual search engine

nordic edge ASA 5500 Installation Manual

Page 1 preview
Page 2 preview
Page 3 preview
Page 4 preview
Page 5 preview
Page 6 preview
Page 7 preview
Page 8 preview
Page 9 preview
Page 10 preview
Page 11 preview
Page 12 preview
Page 13 preview
Page 14 preview
Page 15 preview
Page 16 preview
Page 17 preview
Page 18 preview
Page 19 preview
Page 20 preview
Page 21 preview
Page 22 preview
Page 23 preview
Page 24 preview
Page 25 preview
Page 26 preview
Page 27 preview
Page 28 preview
Page 29 preview
Page 30 preview
Page 31 preview
Page 32 preview
Page 33 preview
Page 34 preview
Page 35 preview
Page 36 preview
Page 37 preview
Page 38 preview
Page 39 preview
Page 40 preview
Page 41 preview
Page 42 preview
Page 43 preview
Page 44 preview
Page 45 preview
Page 46 preview
Page 47 preview
Page 48 preview
Page 49 preview
Contents
  1. Table Of Contents
  2. Table Of Contents
  3. SUMMARY
  4. GETTING STARTED
  5. Register and download the software
  6. INSTALLATION
  7. Installing license
  8. CONFIGURING THE ONE TIME PASSWORD SERVER
  9. Server
  10. Plugin manager
  11. Nordic Edge SMS Plugin
  12. Nordic Edge SMS
  13. Radius & Client
  14. Enable Radius
  15. Add client
  16. Configure LDAP
  17. Selecting Search Base DN
  18. Select Search filter
  19. Test LDAP Authentication
  20. START THE ONE TIME PASSWORD SERVER
  21. ADD MOBILE PHONE NUMBER WITH MICROSOFT MANAGEMENT CONSOLE
  22. CONFIGURING ASA5500 FOR SSL VPN AUTHENTICATION WITH NORDIC EDGE ONE TIME PASSWORD SERVER
  23. Name Server Group OTPserver, choose protocol RADIUS
  24. Add new radius server to the RADIUS group
  25. Browse to Configuration/Remote Access/Clientless SSL VPN Access/Connection Profiles and click Add
  26. Specify Connection Profile Name
  27. Edit Connection Profile Clientless SSL VPN Settings
  28. Add Group URL if user should be able to select authentication by specifying URL
  29. CONFIGURING ASA5500 FOR CISCO VPN CLIENT AUTHENTICATION WITH NORDIC EDGE OTP SERVER
  30. At the Cisco VPN Client, create an entry with correct name and password
  31. START TESTING
  32. Enter your one time password and click on "OK
  33. PURCHASE
nordic edge ASA 5500 Installation Manual Manual pdf 4 page image
Installation Guide1 SummaryThis is the complete installation guide for securing the authentication to your Cisco ASA 5500 solutionwith Nordic Edge One Time Password Server, delivering two-factor authentication via SMS to yourmobile phone. For both clientless SSL VPN and Cisco VPN Client. You will be able to test the productwith your existing Cisco ASA 500 and LDAP user database, without making any changes that affectexisting users. The guide will also allow you to make the complete installation effeciently, using amaximum of 1 hour. Nordic Edge provides several methods for delivering one time passwords, like e-mail, tokens, mobile clients, prefetch etc. - however in this test we are only going to use SMS.This is a step-by-step guide that covers the entire installation from A to Z. It is based on the scenariothat you are running your Cisco 5500 solution against Active Directory, and that you install the OneTime Password Server on a Windows Server. The One Time Password Server is platformindependent and works with all other LDAP user databases, like eDirectory, Sun One, Open LDAPetc. If you are not running Active Directory or Windows and if you have any questions regarding theslight differences in the installation process, you are most welcome to contact us atsupport@nordicedge.se and we will take you through the entire process.2 PrerequisitesYou will need to have a server available, for example a VMware virtual machine with Windows Server2003 installed with Ethernet in bridge mode. The server needs to have an ip-address configured andmust also be able to reach your DNS-servers, your Cisco 5500 ASA solution and the Active Directory.Since the software is quite small and easy to remove, you can also use any existing server in yournetwork.3 Important information regarding communicationThe One Time Password Server is a software that you can place on any server in your internalnetwork or DMZ.- The One Time Password Server needs to be able to communicate (Outbound traffic) with yourLDAP or JDBC User Database. Default port for LDAP and Secure LDAP is TCP port 389 / 636.- The Integration Module needs to be able to communicate (Outbound traffic) with the One TimePassword Server on TCP port 3100. Or Radius with UDP port 1812 or 1645 (Outbound traffic)- If you want to use the Nordic Edge SMS Gateway, the One Time Password Server needs to beable to communicate (Outbound traffic) with otp.nordicedge.net and otp.nordicedge.se with HTTPS onTCP port 443.In this test-scenario you will want to communicate with RADIUS port 1812 or 1645 and useour Nordic Edge SMS Gateway.www.nordicedge.se Copyright, 2008, Nordic Edge AB Page 4 of 49
/ 49
This manual is suitable for:
ASA 5500One Time Password Server
Manuals database logo
manualsdatabase
Your AI-powered manual search engine