Firmware Version supported: 4.5 and above
In this document, we will guide you through the configuration of LDAP on your firewall.
Step 1: Create a service group on the firewall by going to Definitions -> Protocols and Services -> Configure Service Group.
Step 2: Create a host by going to Definitions-> Hosts and add LDAPServer as a host by specifying the appropriate IP Address.
Step 3: Now create the rules for allowing LDAP service through the GajShield firewall by going to Firewall -> Policies -> Rules.
You will need to add a rule by going on Firewall > Policies > Rules & use LDAPServer in services tab to allow the firewall to access the LDAP Server as shown below
Step 4: Go to Configuration -> User Management -> LDAP
Specify the following information under LDAP Server Settings:
Server name: Define a name for the LDAP configuration.
Server IP: Select the host IP Address of the remote LDAP server
Server Port: The default LDAP port is 389, if your LDAP server is using another
port then you can define the custom port.
Distinguished Named: It is used to look up entries on the LDAP server and is a
hierarchy of LDAP database object classes above the Common Name Identifier.
Login Attribute: Default Login Attribute is Unique Identification (UID) to identify user entries. Here you can define different login attribute as well.
First Name Attribute (Optional): Define first name attribute for LDAP configuration.
Last Name Attribute (Optional): Define last name attribute for LDAP configuration.
Email Address Attribute (Optional): Define email address attribute for LDAP configuration.
BindDN: Define distinguished name of LDAP server. Distinguished name is starting point for searching user in LDAP server.
Password: Input the secret (password) to be used to connect LDAP server.
Scope: Define scope as configured on the LDAP server.
NOTE: You will also need to add a rule in the policy manager to allow the firewall access to the LDAP server.
After adding the necessary information, you will have to create a firewall rule to
connect to the LDAP server by going to firewall -> Policies -> Rules
Synchronize LDAP Users/Groups
Synchronize LDAP Users/Groups: Click on Synchronize button to synchronize LDAP users as well as groups from LDAP users.
NOTE: You will have to specify LDAP option by going to Browsing -> Setup -> Browsing Options, tick on userSense and specify LDAP from the drop down menu.
Thus you have successfully configured LDAP on your firewall.