Setting Up Active Directory for vGW Series Administrator Authentication

You can use Active Directory (AD) with the vGW Series for administrator authentication instead of storing the required information locally in the vGW Security Design VM database. Administrators can use their Active Directory credentials to log in to the vGW Security Design VM. The vGW Series checks Active Directory for the credentials, and, based on the settings, it allows the user to log in to vGW Security Design VM, or it denies the user access.

Figure 95: Active Directory

Active Directory

The Default Search Base is unique to each customer’s installation and is in the form of dc=domain-section-1, dc=domain-section-2, for example, dc=corp, dc=com.

To set up the vGW Series to work with Active Directory:

  1. Define the Name (or IP address) of the Active Directory server.
  2. Set the appropriate port. By default, port TCP 636 (LDAPS) is used. However, you can choose to use 389 LDAP+STARTTLS, or configure a custom port.

    Ensure that access to this port from the vGW Security Design VM to the server is enabled on your network.

  3. After you select the name or IP address, port, and default search base, select Test or Save to view the fingerprint that is used to validate the destination of the communication and to initiate all future communications through encryption.
  4. Create users or groups to be authenticated through the configured server lookup process:
    1. Select the Settings module vGW Application Settings section and select Administrators.
    2. Add administrators. Set the authentication type to Internal, AD Individual User, or AD Group.
      • For AD Individual User, the account is authenticated with AD credentials and all privileges are applied according to defined vGW Series settings.
      • For AD Group, the name of an existing group in AD is used and privileges are assigned to it. The lookup authenticates users and determines if they are a member of the AD Group. If so, they are granted the appropriate privileges in the vGW Series.

Related Documentation