Manuais de utilizador para Cisco Systems nordic edge asa 5500

índice analítico

• 1 Summary

  4
• 2 Prerequisites

  4
• 3 Important information regarding communication

  4
• 4 Getting started

  5
  • 4.1 1.1 Download the software

    5
  • 4.2 Register and download the software

    6
• 5 Installation

  9
  • 5.1 Start the installation

    9
  • 5.2 Installing license

    11
• 6 Configuring the One Time Password Server

  15
  • 6.1 Start the OTP Configuration

    15
  • 6.2 Server page

    16
  • 6.3 Plugin manager page

    17
    • 6.3.1 Nordic Edge SMS Plugin

      18
  • 6.4 Nordic Edge SMS Page

    19
  • 6.5 Radius & Client page

    20
    • 6.5.1 Enable Radius

      21
  • 6.6 Add client

    22
  • 6.7 Configure LDAP

    23
    • 6.7.1 Test LDAP Connection

      23
    • 6.7.2 Selecting Search Base DN

      25
    • 6.7.3 Select Search filter

      27
    • 6.7.4 Test LDAP Authentication

      29
• 7 Start the One Time Password Server

  31
• 8 Add mobile phone number with Microsoft Management Console

  32
• 9 Configuring ASA5500 for SSL VPN authentication with Nordic Edge One Time Password Server

  33
  • 9.1 Start ASA device manager

    33
  • 9.2 Browse to Configuration, Remote Access VPN, AAA/Local Users, AAA Server Groups and click Add.

    33
  • 9.3 Name Server Group OTPserver, choose protocol RADIUS

    34
  • 9.4 Add new radius server to the RADIUS group

    35
  • 9.5 Configure Radius Server : Interface name, IP address to OTPserver and the pre-shared key between the One Time Password server and Cisco ASA5500.

    35
  • 9.6 Create a ”test” connection profile (in case you want to test this for certain users only).

    37
    • 9.6.1 Browse to Configuration/Remote Access/Clientless SSL VPN Access/Connection Profiles and click Add

      37
    • 9.6.2 Specify Connection Profile Name

      38
    • 9.6.3 Specify AAA Server Group = OTPserver

      38
    • 9.6.4 Edit Connection Profile Clientless SSL VPN Settings

      40
    • 9.6.5 Add Alias if user should be able to select authentication method by drop-down-list

      40
    • 9.6.6 Edit Connection Profile Clientless SSL VPN Settings

      41
    • 9.6.7 Add Group URL if user should be able to select authentication by specifying URL

      41
    • 9.6.8 If user should be allowed to select authentication method by drop-down-list,

      41
    • 9.6.9 select this item.

      41
• 10 Configuring ASA5500 for Cisco VPN Client authentication with Nordic Edge OTP Server

  45
  • 10.1 Add a new ( or Edit an existing) Cisco VPN Client Connection Profile to use the OTPserver

    45
  • 10.2 At the Cisco VPN Client, create an entry with correct name and password

    46
  •  Name must match the connection profile name at previous slide.

    46
  •  Password must match the pre-shared key in ASA5500.

    46
  • (Note : This can be distributed via MSI installation)

    46
• 11 Start testing

  47
  • 11.1 Enter your Userid and password as usual

    47
  • 11.2 You will receive a one-time password to your mobile phone within a couple of seconds.

    47
  • 11.3 Enter your one time password and click on “OK”.

    48
• 12 Purchase

  49
• 13 Technical questions

  49