ProxySG & Advanced Secure Gateway

 View Only

  • 1.  Certificate based Authentication.

    Posted May 04, 2018 01:19 AM

    Hi Team,

    We are looking to implement certificate based authentication for our IOS devices. I could see the below KB which is related to this requirement but it for 6.2.X

    https://support.symantec.com/en_US/article.TECH243680.html

    Can we get latest one and new procedure and best practice for this requirement.

     

    Customer depl: Explict deployment

    Proxy version: 6.6.X.X

     

    Thanks,

    Ram.



  • 2.  RE: Certificate based Authentication.

    Posted May 04, 2018 03:13 AM

    Hi Ram,

     

                     The iOS authentication is for transparent deployment. Steps are all same.



  • 3.  RE: Certificate based Authentication.

    Posted May 04, 2018 05:24 AM

    Hi Aravind,

    Client is having explicit setup only. The above procedure mentioned in the KB is applicable for the proxySG version 6.2.X.X.

     

    Do you have any latest documet and procedure for this certificate authentication. there is many options are changed in the latest verison.

    Proxy version: 6.6.X.X

     

    Thanks,

    Ram.



  • 4.  RE: Certificate based Authentication.
    Best Answer

    Posted May 04, 2018 06:52 AM

    Hi Ram,

     

                    The steps remains pretty much the same. Overall the requirements on the proxy are below

     

    Create a Cert realm with the correct CN string mentioned. For authorization, can use LDAP in backend

    Authenticate policy to redirect to virtual url

    This Virutal to host a HTTPS RP service with the CA cert which also issued the Client certificate. Also the verify client is enabled in this service

    Use the User or Group in the Rules.