Virtual Private Networking Using SSL Connections
ProSecure Unified Threat Management (UTM) Appliance
After you have completed the steps in the SSL VPN Wizard, you can change the domain
settings by selecting Users > Domains. For more information about domain settings, see
Configure Domains on page 388.
Table 89. SSL VPN Wizard Step 2 of 6 screen settings (domain settings) (continued)

| Setting | Description |
|---|---|
| Search Base (LDAP and Active Directory) (continued) | The DN at which to start the search, specified as a sequence of relative distinguished names (RDNs), connected with commas and without any blank spaces. For most users, the search base is a variation of the domain name. For example, if your domain is yourcompany.com, your search base DN might be as follows: dc=yourcompany,dc=com. |
| UID Attribute (LDAP only) | The attribute in the LDAP directory that contains the user's identifier (UID). For an Active Directory, enter sAMAccountName. For an OpenLDAP directory, enter uid. |
| Member Groups Attribute | This field is optional. The attribute that is used to identify the groups that an entry belongs to. For an Active Directory, enter memberOf. For OpenLDAP, you can enter a customized attribute to identify the groups of an entry. |
| Group Members Attribute | This field is optional. The attribute that is used to identify the members of a group. For an Active Directory, enter member. For OpenLDAP, you can enter a customized attribute to identify the members of a group. |
| Additional Filter (LDAP and Active Directory) | This field is optional. A filter that is used when the UTM is searching the LDAP server for matching entries while excluding others. (Use the format described by RFC 2254.) The following search term examples match users only: Active Directory: objectClass=user. OpenLDAP: objectClass=posixAccount. |
| Radius Port (all RADIUS authentication types except MSCHAP and MSCHAPv2) | The port number for the RADIUS server. You can enter a value between 1 and 65535. The default port number is 1812. |
| Repeat | The period in seconds that the UTM waits for a response from a RADIUS server. You can enter a value between 1 and 10. The default is 3 seconds. |
| Timeout | The maximum number of times that the UTM attempts to connect to a RADIUS server. You can enter a value between 3 and 30. The default is 5 times. |
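The following Python sketch is an added example, not NETGEAR code: it checks a search base against the rule in the table and builds an RFC 2254 user filter from the UID attribute and additional filter values listed there. The function names and the way the two filter parts are combined with "&" are assumptions for illustration; the manual does not state how the UTM composes its query.

```python
import re

# RFC 2254 section 4: these characters are written as \XX (hex) inside a filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Directory-specific values taken from the settings table above.
PROFILES = {
    "active_directory": {"uid_attr": "sAMAccountName", "additional_filter": "objectClass=user"},
    "openldap": {"uid_attr": "uid", "additional_filter": "objectClass=posixAccount"},
}

def search_base_from_domain(domain):
    """yourcompany.com -> dc=yourcompany,dc=com (RDNs joined by commas, no blanks)."""
    labels = domain.strip().lower().split(".")
    if not all(re.fullmatch(r"[a-z0-9-]+", label) for label in labels):
        raise ValueError(f"not a plain DNS domain name: {domain!r}")
    return ",".join(f"dc={label}" for label in labels)

def check_search_base(dn):
    """List problems with a search base as typed. Applies the table's 'no blank
    spaces' rule literally; a simple check, not a full DN parser."""
    problems = []
    if re.search(r"\s", dn):
        problems.append("contains blank spaces")
    for rdn in dn.split(","):
        if not re.fullmatch(r"[A-Za-z][A-Za-z0-9-]*=[^=,\s]+", rdn):
            problems.append(f"malformed RDN: {rdn!r}")
    return problems

def escape_filter_value(value):
    """Escape a user-supplied value so it cannot alter the filter structure."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)

def user_filter(directory, login):
    """Assumed composition: (&(<UID attribute>=<login>)(<additional filter>))."""
    profile = PROFILES[directory]
    extra = profile["additional_filter"]
    if not extra.startswith("("):
        extra = f"({extra})"
    return f"(&({profile['uid_attr']}={escape_filter_value(login)}){extra})"

if __name__ == "__main__":
    base = search_base_from_domain("yourcompany.com")
    print(base, check_search_base(base))
    print(check_search_base("dc= yourcompany,dc=com"))   # constructed bad input
    print(user_filter("active_directory", "jsmith"))
    # Constructed login containing filter metacharacters, to show the escaping.
    print(user_filter("openldap", "j*smith(test)"))
```

The resulting base and filter can be tried against the directory with any LDAP client before they are entered in the wizard.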