NETGEAR ProSafe SSL VPN Concentrator 25 SSL312 Reference Manual
3-10 Authenticating Users
v2.0, May 2007
5. From the Portal Layout Name drop-down menu, select the name of the layout. The default
layout is SSL-VPN. You can define additional layouts in the Portal Layouts page.
6. Click Apply to update the configuration. Once the domain has been added, the domain
displays in the table on the Domains screen.
Active Directory Authentication
Active Directory authentication servers support a group and user structure that can be queried
when an Active Directory user logs in. This means that you can create policies and bookmarks for
Active Directory users at the group level, without needing to define Active Directory users in the
SSL VPN Concentrator. When a user logs in, if no corresponding user name is configured in the
the local database, then SSL VPN Concentrator will query the Active Directory server for the list
of groups that the user belongs to. If any of the same groups are defined in the SSL VPN
Concentrator, then policies and bookmarks for the first Windows Active Directory group that
matches a group configured in the SSL VPN Concentrator will be applied to the user.
Once you create an Active Directory domain, you can add groups that correspond with groups on
your Active Directory server. If the Active Directory user is configured in the SSL VPN
Concentrator, then the SSL VPN Concentrator will ignore the group information provided by the
Active Directory and, instead, implement policies and bookmarks based on the user settings and
the settings of the group to which the user belongs.
Configuring for Windows Active Directory Authentication
To configure Windows Active Directory authentication:
1. Click Add Domain. An Add Domain window displays.
Note: Because other authentication services do not have the same hierarchal structure and
group definitions as Active Directory, if you want to apply specific policies or
bookmarks to a group of RADIUS, NT, or LDAP users, you must add each user on
the Users and Groups screen.
Note: Of all types of authentication, Active Directory authentication is the most error
prone. If you are unable to authenticate using Active Directory, please read the
troubleshooting procedure at the end of this section.
