Overview of Configuration Steps |
Installation of SMS PASSCODE server
Field | Menu | Value |
---|---|---|
RADIUS client protection | SMS PASSCODE -> Install Shield Wizard | Enabled |
Field | Menu | Value |
---|---|---|
Enable AD Integration | Settings -> General | Enabled (single domain mode) |
Mobile number required | Policies -> User Integration Policies | Enabled |
AD Credentials | Policies -> User Integration Policies | Login/Password |
Group Name | Policies -> User Integration Policies | e.g. SMS PASSCODE Users |
Field | Menu | Value |
---|---|---|
Enable this RADIUS client | Network Policy Server -> RADIUS Clients | Enabled |
Friendy name | Network Policy Server -> RADIUS Clients | e.g. SMA Passcode GW |
Address (IP or DNS) | Network Policy Server -> RADIUS Clients | e.g. 172.16.105.141 |
Shared secret | Network Policy Server -> RADIUS Clients | e. g. supersecret |
Field | Menu | Value |
---|---|---|
Authentication Type | System Management -> Remote Authentication -> RADIUS -> New | XAUTH |
Server IP Address | System Management -> Remote Authentication -> RADIUS -> New | e.g. 172.16.105.131 |
RADIUS Password | System Management -> Remote Authentication -> RADIUS -> New | e. g. supersecret |
Field | Menu | Value |
---|---|---|
IP Pool Name | VPN -> IPSec -> IP Pools -> Add | e.g. IPSec Pool |
IP Pool Range | VPN -> IPSec -> IP Pools -> Add | e.g. 10.10.10.1 - 10.10.10.100 |
Field | Menu | Value |
---|---|---|
Description | VPN -> IPSec -> XAUTH Profiles -> New | e.g. SMS Passcode |
Role | VPN -> IPSec -> XAUTH Profiles -> New | Server |
Mode | VPN -> IPSec -> XAUTH Profiles -> New | RADIUS |
Field | Menu | Value |
---|---|---|
Description | VPN -> IPSec -> IPSec Peers -> New | e.g. SMS Passcode Users |
Preshared Key | VPN -> IPSec -> IPSec Peers -> New | e. g. supersecret |
IP Address Assignment | VPN -> IPSec -> IPSec Peers -> New | Server In IKE Configuration Mode |
IP Assignment Pool | VPN -> IPSec -> IPSec Peers -> New | IPSec Pool |
Local IP Address | VPN -> IPSec -> IPSec Peers -> New | e.g. 172.16.105.141 |
Phase 1 Profile | VPN -> IPSec -> IPSec Peers -> New -> Advanced Settings | None (use Default Profile) |
Phase 2 Profile | VPN -> IPSec -> IPSec Peers -> New -> Advanced Settings | None (use Default Profile) |
XAUTH Profile | VPN -> IPSec -> IPSec Peers -> New -> Advanced Settings | SMS Passcode |
Number of Admitted Connections | VPN -> IPSec -> IPSec Peers -> New -> Advanced Settings | Several users |
Configuration of bintec Secure IPSec Client
Field | Menu | Value |
---|---|---|
Connection Type | Wizard for new profile | Connection to company network via IPSec |
Profile Name | Wizard for new profile | Head Office |
Connection Medium | Wizard for new profile | LAN (over IP) |
Gateway (Tunnel Endpoint) | Wizard for new profile | e.g. vpngateway.bintec-elmeg.com |
Advanced authentication (XAUTH) | Wizard for new profile | Enabled |
Login name | Wizard for new profile | e.g. mustermann |
Password | Wizard for new profile | e. g. supersecret |
Exchange Mode | Wizard for new profile | Aggressive Mode |
PFS Group | Wizard for new profile | DH Group 2 (1024 Bit) |
Shared secret | Wizard for new profile | e.g. bintec elmeg |
Shared Secret (Retry) | Wizard for new profile | e.g. bintec elmeg |
Type | Wizard for new profile | e.g. Fully Qualified Username |
ID | Wizard for new profile | e.g. client1@bintec-elmeg.com |
IP address assignment | Wizard for new profile | Use IKE Config Mode |
Stateful Inspection | Wizard for new profile | off |
NetBIOS over IP | Wizard for new profile | Enabled |
Copyright© Version 08/2020 bintec elmeg GmbH |