You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Below are diagrams of 2 typical deployments of RADIUS integration:

Deployment 1: Compact

In this compact deployment, both the DualShield Authentication Server (DAS) and the DualShield RADIUS Server (DRS) are installed and operating on one single server machine that resides in the corporate network.

Deployment 2: Extended

In this extended deployment, the DualShield Authentication Server (DAS) is installed on a server machine that resides in the corporate network, and the DualShield RADIUS Server (DRS) is installed on a server machine that resides in the DMZ. 

Ports & Protocols

PortProtocolFunctionComment
1812UDPRADIUS authentication
1813UDPRADIUS accountingOptional in most cases
8090TCPRADIUS managementUsed by the DualShield Authentication Server to manage the RADIUS server
389LDAP
Used in communication between DualShield Authentication Server and AD server
636LDAPS
Used in communication between DualShield Authentication Server and AD server



Deployment 1: Compact

In this compact deployment, the DualShield All-in-One Server that includes both the SSO Server and Authentication Server resides in the corporate network.

Deployment 2: Extended

In this extended deployment, the DualShield platform is split into two servers, the front-end SSO Server that reside in DMZ, and the backend Authentication Server that resides in the corporate network.

Ports & Protocols

Port

Protocol

Function

Comment

8074TCPDualShield SSO Server working portSecure SSL
8071TCPCommunication between DualShield SSO Server and DualShield Authentication ServerSecure SSL
389LDAPCommunication between DualShield Authentication Server and AD Server
636LDAPSCommunication between DualShield Authentication Server and AD ServerSecure SSL 


Deployment 1: Compact

In this compact deployment, both the DualShield Authentication Server (DAS) and the Exchange server reside in the corporate network.

Deployment 2: Extended

In this extended deployment, the DualShield platform is split into two servers, the front-end SSO Server that reside in DMZ, and the back-end Authentication Server that resides in the corporate network.

Ports & Protocols

Port

Protocol

Function

Comment

8074TCPCommunication between DualShield IIS Agent and DualShield SSO ServerSecure SSL
8075TCPCommunication between DualShield IIS Agent and DualShield SSO ServerSecure SSL
8071TCPCommunication between DualShield SSO Server anf DualShield Authentication ServerSecure SSL
389LDAPCommunication between DualShield Authentication Server and AD Server
636LDAPSCommunication between DualShield Authentication Server and AD ServerSecure SSL 

 


Below are 2 typical deployments of Exchange email integrations

Deployment 1: Compact

In this compact deployment, both the DualShield Authentication Server (DAS) and the Exchange server reside in the corporate network.

Deployment 2: Extended

In this extended deployment, the Exchange system is split into two servers, the front-end Edge Transport Server that resides in DMZ, and the backend Mailbox Server that resides in the corporate network.

The DualShield platform is also split into two servers, the front-end SSO Server that resides in DMZ, and the backend Authentication Server that resides in the corporate network.

Ports & Protocols

Port

Protocol

Function

Comment

8074TCPCommunication between DualShield IIS Agent and DualShield SSO ServerSecure SSL
8075TCPCommunication between DualShield IIS Agent and DualShield SSO ServerSecure SSL
8071TCPCommunication between DualShield SSO Server and DualShield Authentication ServerSecure SSL
389LDAPCommunication between DualShield Authentication Server and AD Server
636LDAPSCommunication between DualShield Authentication Server and AD ServerSecure SSL 

Related Articles



Unable to render {include} The included page could not be found.







  • No labels