SSL VPN
Reply
Contributor
Wilmer
Posts: 35
Registered: ‎12-23-2010
0
Accepted Solution

Juniper SA 4500 configure for AD and RSA token authenication

Could someone please tell me mow can I confiure the SA 4500 so that user can choose on Login Page whether they want to login via AD or RSA token server??

Further more

How to configure SA 4500 AD single sign on(SSO) and RSA token server SSO

I have search KB, however, I  didn't have access right on that article

 

Distinguished Expert
muttbarker
Posts: 2,382
Registered: ‎01-29-2008
0

Re: Juniper SA 4500 configure for AD and RSA token authenication

Wilmer - authentication server selection is tied to the Realm. You can "allow" a user to choose between authenticating via AD (user/pass) or RSA token by providing realm selection through the sign-in policies URL setup.

 

If you are trying to use a sign-in policy in which the user can't choose the realm then they can't choose. Does that make sense?

 

When you say you are trying to configure SSO can you explain what you are trying to do. The SA box can capture user login information and then pass that information on to various resources in multiple ways.The capture part is done at authentication time. You define your various SSO authentication scenarios under Resource Policies / SSO - and then apply them to your various resources (best done through the resource profile for that resource).

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Contributor
Wilmer
Posts: 35
Registered: ‎12-23-2010
0

Re: Juniper SA 4500 configure for AD and RSA token authenication

Thank you for your reply

If I want the SSO on AD, it is enough if I use Basis authentication option?

 

Merry Christmas

Distinguished Expert
muttbarker
Posts: 2,382
Registered: ‎01-29-2008
0

Re: Juniper SA 4500 configure for AD and RSA token authenication

If you are talking about configuring SSO under "Users / Resource Policies / SSO" - then the answer is "it depends" - You define the type of SSO that the receiving system wants. So if the system you are trying to set an SSO policy for uses Basic, then Basic will work. If it requires NTLM then you use that.

 

I would recommend reading the Admin Guide - under the Web Rewriting section - you need to match credentials between the sender (SSL box) and receiver.

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL, WLAN
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.