WSM User Guide - WatchGuard Technologies

Configuring LDAP Authentication3 In the Port box, use the value control to select the port number to use for SecurID authentication.The default number is 1812.4 In the Secret box, type the shared secret between the Firebox® and SecurID server.The shared secret is a case-sensitive password and must be the same on the Firebox and SecurID server.5 In the Timeout box, use the value control to select the timeout value you want.This sets how long the Firebox waits for a response from the authentication server before it tries to connect again.6 To set how many connection attempts the Firebox makes, use the Retry value control.This is the number of times the Firebox tries to connect to the authentication server (using the time-out specifiedabove) before it reports a failed connection for one authentication attempt.7 Select the group attribute. We do not recommend that you change this value.The group attribute value is used to set which attribute carries the User Group information. When the SecurID serversends a message to the Firebox that a user is authenticated, it also sends a User Group string; for example,“engineerGroup” or “financeGroup”. This information is then used for access control.8 Type the IP address and the port of the backup SecurID server. The shared secret must be on theprimary and backup SecurID server.9 Click OK.Configuring LDAP AuthenticationYou can use an LDAP (Lightweight Directory Access Protocol) authentication server to authenticate yourusers to the Firebox®. LDAP is an open-standard protocol for using online directory services, and it operateswith Internet transport protocols, such as TCP. You can use LDAP to get access to stand-alone directoryservers or X.500 directories.1 From Policy Manager, select Setup > Authentication Servers. Select the LDAP tab.2 Select the Enable LDAP Server check box.User Guide 129