Configure 2X Remote Application Server to use DualShield Authentication Platform
Open 2X Remote Application Server Management Console and select the ‘Connection’ category. Select the ‘Second Level Authentication’ tab. Select ‘Deepnet’ as the Provider.
Figure 7: Enabling 2nd Level Authentication in 2X RAS Console
Click on the ‘Settings’ button to configure the DualShield server settings.
Select ‘DualShield’ as theType, Enter the server name and port of the DualShield server previously installed.
Figure 8 - Deepnet Unified Authentication Platform: Connection Properties
Click on ‘Check Connection’ to test that the authentication server can be reached and to verify that the 2X Console is registered as a DualShield agent.
If you get the following message you have either setup the wrong server information or you need to allow auto registration of the 2X Components as a DualShield agent.
Figure 9 - DualShield Unified Authentication Platform: 2X Remote Application Server Console Registration Notification.
Go back to the DualShield Management Console and select ‘Agents’ from menu ‘Authentication’ as shown below.
Figure 10:DualShield Unified Authentication Platform – Configure Authentication Agents
Select ‘Auto Registration’ as shown in Figure 11.
Figure 11: DualShield Unified Authentication Platform: - Auto Register Agents
Check “Enabled” and set the date Range.
Figure 12: DualShield Unified Authentication Platform: Auto Registration
Once the Agent Auto Registration is set go back to the 2X Management Console and select Yes. The following message should show up.
Figure 13 - DualShield Unified Authentication Platform: DualShield agent successfully registered.
Please note that All 2X Publishing Agents must be registered with Deepnet DualShield server,
If you are using some Backup 2X Publishing Agents you need to close all windows opened until you can press apply in the 2X ApplicationServer main Management Console window. This will inform all the agents to self-register themselves as DualShield agents.
After setting up the connection settings, go to the ‘Application’ tab and browse for the Application name previously created from the DualShield Management Console.
Figure 14 - DualShield Unified Authentication Platform: Application Properties
Figure 15 - DualShield Unified Authentication Platform: Authentication Properties
Select how you want your users to be authenticated.
- ‘Mandatory for all users’ means that every user using the system must log in using two-factor authentication.
- ‘Create token for Domain Authenticated Users’ will allow 2X Remote Application Server to automatically create software tokens for Domain Authenticated Users. Choose a token type from the drop down list. Note that this option only works with software tokens, such as QuickID and MobileID
- ‘Use only for users with a DualShield account’ will allow users that do not have a DualShield account to use the system without have to login using two-factor authentication.
Figure 16 - DualShield Unified Authentication Platform: Exclusion list
‘User / Group exclude list’ allows you to add users or groups within your active directory that will be excluded from using DualShield Authentication.
‘Client IP exclude list’ allows you to add IP addresses or a range of IP addresses that will be excluded from using DualShield Authentication.
‘Client MAC exclude list’ allows you to add a MAC addresses that will be excluded from using DualShield Authentication.
‘Connection to the following Gateway IPs’ allows you to set a Gateway where users connected to the Gateway will be excluded from using DualShield Authentication.