4. Change the port number if you??™ve confi gured the RADIUS server to use a
different port, and change the timeout if need be.
5. Enter the shared secret if one is required.
6. Click OK.
Figure 11.10 Adding a RADIUS Server to Authenticate Users Attempting to Send
Traffi c through the Firewall
For LDAP, perform the following steps.
1. Go to the LDAP tab, and click Add.
400 Chapter 11 ??? Confi guring Microsoft Internet Security and Acceleration Server 2006
2. Here you will enter a ???set??? of LDAP servers. Enter the name you want to use
for the server set.
3. Click Add to add the IP address or DNS name of the LDAP server you want
to add to the server set.
4. Enter the fully qualifi ed domain name for the domain being authenticated to.
5. Check whether ISA Server should use the global catalog to perform the
authentication.
6. Check whether ISA Server needs to make a secure connection to the LDAP
server.
7. Click OK.
8. Click Add to enter a login expression if you like, or leave it blank. This setting
can be used to have some wildcard matching done on the authentication
credentials so that basically instead of a user having to enter domain\username,
they can just enter username.
9. Click OK.
Enabling Intrusion Detection and DNS Attack Detection
Intrusion detection is enabled by default. However, you can select which types of
attacks ISA Server watches for and alerts on. Port scans are the only attack type listed
that is not enabled by default.
Pages:
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396