Configuring CRYPTOCard server authentication

To add or remove services accessible by CRYPTOCard authenticated users, add the CRYPTOCard user or group in the individual service's Properties dialog box, and the IP address of the Firebox on the CRYPTOCard authentication server.

From Policy Manager:

  1. Select Setup => Authentication.
    The Member Access and Authentication Setup dialog box appears.
  2. Under Authentication Enabled Via, click the CRYPTOCard Server option.
  3. Click the CRYPTOCard Server tab.
    You might need to use the arrow buttons in the upper-right corner of the dialog box to bring this tab into view.
  4. Enter the IP address of the CRYPTOCard server.
  5. Enter or verify the port number used for CRYPTOCard authentication.
    The standard is 624.
  6. Enter the administrator password.
    This is the administrator password in the passwd file on the CRYPTOCard server.
  7. Enter or accept the time-out in seconds.
    The time-out period is the maximum amount of time, in seconds, a user can wait for the CRYPTOCard server to respond to a request for authentication. Sixty seconds is CRYPTOCard's recommended time-out length.
  8. Enter the value of the shared secret between the Firebox and the CRYPTOCard server.
    This is the key or client key in the "Peers" file on the CRYPTOCard server. This key is case sensitive and must be identical on the Firebox and the CRYPTOCard server for CRYPTOCard authentication to work.
  9. Click OK.
    The Member Access and Authentication Setup dialog box closes, and the new authentication settings are saved.
  10. Gather the IP address of the Firebox and the user or group aliases to be authenticated via CRYPTOCard. The aliases appear in the "From" and "To" listboxes in the individual services' Properties dialog boxes.

On the CRYPTOCard server:

  1. Add the IP address of the Firebox where appropriate according to CRYPTOCard's instructions.
  2. Take the user or group aliases from the service properties listboxes and add them to the group information in the CRYPTOCard configuration file. Only one group can be associated with each user.
     

    The filter rules for CRYPTOCard user Filter-IDs are case-sensitive.
    For more information, consult the CRYPTOCard server documentation.

 

Install | User | Handbook | Reference | Training | Support | Contact Us
Copyright © 1998 - 2001 WatchGuard Technologies,Inc. All rights reserved.
Legal Notice/Terms of Use