It is assumed that the Astaro Security Gateway UTM is setup and operational. An existing domain user can authenticate using a Domain AD password and access applications, your users can access through IPSec VPN and/or SSL VPN using Domain accounts.
Register DualShield RADIUS Server
- Log in to the WebAdmin interface of the ASG via https://<YourAstaroUTMsIP>:4444
- Select “Definitions & Users -> Authentication Servers”
Select “Servers” Tab
- Click “New Authentication Server” button
- Choose Backend: Radius
- Click on the + sign next to Server and enter
- Name: DualShield
- Type: Host
- Address: Your DualShield Radius Server IP Address
- In the Pop-Up, click Save
- Enter the Shared secret
- Click "Test server settings"
Enter a test Username and PasswordNow, click “Authenticate example user”
Enable Auto User creation for the RADIUS users
- Select “Definitions & Users -> Authentication Servers”
- Select “Global Settings” Tab
- Enable “Create users automatically”
- Click Apply.
- Choose “End-User Portal” and “SSL VPN”
- Click Apply
Allow RADIUS user to access the End-User Portal
In order to get their SSL VPN client and configuration, users have to initially log in to the End User portal. Make sure that RADIUS authenticated users are allowed to log in.
- Select “Management -> User Portal”
- Add the “Radius Users” group to the list of allowed users. You can choose this group by clicking on the Folder icon and drag and drop it from the list on the left.
Allow RADIUS users to use the SSL VPN client
- Select Remote Access -> SSL
- Add the "Radius Users" group to the list of allowed users. You can choose this group by clicking on the Folder icon and drag and drop it from the list on the left.
Allow RADIUS users to use the HTML5 VPN portal
- Select Remote Access -> HTML5 VPN Portal
- Add the "Radius Users" group to the list of allowed users. You can choose this group by clicking on the Folder icon and drag and drop it from the list on the left.
