Multiple fireboxes on the same authpoint gateways
Hi
Is it possible to add an additional firebox (radius resource) to an existing authpoint gateway?
Or do individual fireboxes (radius resource) need their own authpoint gateways?
Has anyone set this up for SSL VPNs?
Is there a guide for this?
Thanks Jamie
Comments
Hi @Jamie_Bullitt
You can potentially do this, but unless the firebox is on the same network as another firebox, you'd likely need a Branch Office VPN.
Instead of using the RADIUS gateway for SSLVPN, I would suggest using the firebox's built-in integration
https://www.watchguard.com/help/docs/help-center/en-US/Content/Integration-Guides/AuthPoint/firebox-ssl-vpn-radius_authpoint.html
(This also allows you to use OTP instead of push, should your users be in an environment where push notifications do not work.)
-James Carson
WatchGuard Customer Support
Hi
Thank you for the advice. I'll use the built-in integration. I've been through the setup guides but have one question: after the users sync from LDAP using the external identity, how does AuthPoint authenticate the users' passwords, as the guide states "With Fireware v12.7.2 or higher, the AuthPoint Gateway is only required to sync LDAP users and groups to AuthPoint. The Gateway is not used for user authentication" and "AuthPoint does not store passwords for synchronized users"?
Thanks Jamie
Hi @Jamie_Bullitt
The gateway for LDAP sync is still needed if you're using AD users, but it doesn't need to be on the same physical network. If your AD server lives in a different network, that resource can be used elsewhere in your account (provided both firewalls are on the same account.)
-James Carson
WatchGuard Customer Support