VPN Concentrator will query the Active Directory server for the list of groups to which
the user belongs.
Once you create an Active Directory domain, you can add groups that correspond with
groups on your Active Directory server. If the Active Directory user is configured in the
SSL VPN concentrator, then the SSL VPN concentrator will ignore the AD group
information and, instead, implement policies and bookmarks based on the settings of the
group to which the user belongs.
Confirming Connectivity
Before configuring the SSL VPN concentrator to authenticate through Active Directory,
it is important to check connectivity, as well as make some preliminary configurations.
To confirm connectivity:
1. Make sure that Active Directory is functioning properly.
2. Ensure that there is IP communication between the AD server and the SSL box. Do a
simple ping from the AD server to the SSL and from the SSL box using the
Diagnostics menu to ping the AD as well as a DNS lookup, if applicable.
Preliminary Configurations
There are a few procedures to configure in preparation for AD, which are Portal Layouts,
Groups, and User configurations. For detailed step-by-step procedures for configuring
Portal Layouts, Groups, and Users, please refer to the Reference Manual found on the
support site at http://kbserver.netgear.com/main.asp.
Portal Layouts
Portal Layouts allow you to create a custom page that remote users will see when they
log into the portal. Because the page is completely customizable, it provides the ideal
way to communicate remote access instruction, support information, technical contact
info, or VPN-related news updates to remote users. The page is also well-suited as a
starting page for restricted users; if mobile users or business partners are only permitted
to access a few files or web URLs, the page you create will only show those links
relevant to these users.
Custom Portals are accessed at a different URL than the default portal. For example, if
your SSL VPN portal is hosted at https://vpn.company.com, and you created a portal
layout named “sales”, then users will be able to access the sub-site at
https://vpn.company.com/portal/sales.
Configuring Users and Groups
It is important to understand the policy hierarchy. There are Global Policies that apply to
all groups and users accessing the SSL VPN concentrator and Group Policies that apply
to all users. The following list describes the hierarchy: