GajShield Knowledge Base

All the documents you require to help you configure and manage GajShield firewalls.

How to configure LDAP on your firewall

Firmware Version supported: 4.5 and above

In this document, we will guide you through the configuration of LDAP on your firewall.

Step 1: Create a service group on the firewall by going to Definitions -> Protocols and Services -> Configure Service Group.

Step 2: Create a host by going to Definitions -> Hosts and add LDAPServer as a host by specifying the appropriate IP Address.

Step 3: Now create the rules for allowing LDAP service through the GajShield firewall by going to Firewall -> Policies -> Rules.

You will need to add a rule by going to Firewall -> Policies -> Rules and use LDAPServer in the services tab to allow the firewall to access the LDAP server, as shown below.

Step 4: Go to Configuration -> User Management -> LDAP

Specify the following information under LDAP Server Settings:

Server name: Define a name for the LDAP configuration.

Server IP: Select the host IP Address of the remote LDAP server.

Server Port: The default LDAP port is 389. If your LDAP server is using another port, you can define the custom port.

Distinguished Name: It is used to look up entries on the LDAP server and is a hierarchy of LDAP database object classes above the Common Name Identifier.

Login Attribute: The default login attribute is Unique Identification (UID), which is used to identify user entries. You can also define a different login attribute here.

First Name Attribute (Optional): Define the first name attribute for the LDAP configuration.

Last Name Attribute (Optional): Define the last name attribute for the LDAP configuration.

Email Address Attribute (Optional): Define the email address attribute for the LDAP configuration.

BindDN: Define the distinguished name of the LDAP server. The distinguished name is the starting point for searching for a user on the LDAP server.

Password: Enter the secret (password) to be used to connect to the LDAP server.

Scope: Define the scope as configured on the LDAP server.

NOTE: You will also need to add a rule in the policy manager to allow the firewall access to the LDAP server.

After adding the necessary information, you will have to create a firewall rule to connect to the LDAP server by going to Firewall -> Policies -> Rules.
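The following added example (not GajShield code and not part of the original document) turns the Step 4 fields into an OpenLDAP ldapsearch command that can be run from an admin workstation to check the values against the LDAP server. It assumes that Distinguished Name is the search base and that BindDN with Password is the account used to bind; the dictionary key names, host, DNs and the user jdoe are constructed sample values.

```python
import shlex

# Constructed sample values mirroring the Step 4 fields; not from a real deployment.
SETTINGS = {
    "server_ip": "192.0.2.10",
    "server_port": 389,
    "distinguished_name": "ou=people,dc=example,dc=com",  # assumed: search base
    "login_attribute": "uid",
    "first_name_attribute": "givenName",
    "last_name_attribute": "sn",
    "email_attribute": "mail",
    "bind_dn": "cn=fw-reader,dc=example,dc=com",          # assumed: bind account
    "scope": "sub",
}

# RFC 4515 requires these characters to be escaped inside a filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def escape_filter_value(value):
    """Escape a login name so it cannot alter the search filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_lookup(settings, username):
    """Return the ldapsearch argv that looks up one user with these settings."""
    if settings["scope"] not in ("base", "one", "sub"):
        raise ValueError("scope must be base, one or sub")
    if not 1 <= int(settings["server_port"]) <= 65535:
        raise ValueError("port out of range")
    for key in ("distinguished_name", "bind_dn"):
        if "=" not in settings[key]:
            raise ValueError(f"{key} is not a distinguished name")
    user_filter = f"({settings['login_attribute']}={escape_filter_value(username)})"
    optional = [settings.get(k) for k in
                ("first_name_attribute", "last_name_attribute", "email_attribute")]
    return [
        "ldapsearch", "-x", "-LLL",
        "-H", f"ldap://{settings['server_ip']}:{settings['server_port']}",
        "-D", settings["bind_dn"], "-W",  # -W prompts for the Password field
        "-b", settings["distinguished_name"],
        "-s", settings["scope"],
        user_filter, settings["login_attribute"],
        *[a for a in optional if a],      # request only the optional attributes that are set
    ]


if __name__ == "__main__":
    print(shlex.join(build_lookup(SETTINGS, "jdoe")))
```

If the command returns the user entry with the requested attributes, the same values can be entered under LDAP Server Settings.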

Synchronize LDAP Users/Groups

Synchronize LDAP Users/Groups: Click the Synchronize button to synchronize LDAP users as well as groups from LDAP users.

NOTE: You will have to specify the LDAP option by going to Browsing -> Setup -> Browsing Options, ticking userSense and selecting LDAP from the drop-down menu.

Thus you have successfully configured LDAP on your firewall.
