Configuring PingID for VPN with PingFederate Bridge

  1. From the PingFederate administrative console Identities section, select Yes, Connect a Directory Server.
  2. Enter the information appropriate for your directory server in the following fields.
    Field: Description
    Directory Type: Select the type of directory server from the list.
    Data Store Name: Enter the name of the datastore.
    Hostname: Enter the fully qualified domain name (FQDN) for your directory server.
    Service Account DN: Enter the distinguished name (DN) of the service account that PingFederate can use to communicate with the directory server.
    Password: Enter the password associated with the service account.
    Search Base: Enter the DN of the location in the directory where PingFederate begins its datastore queries.
    Search Filter: Specify how the username provided by a user at login is mapped to an attribute in your directory.

    The default value is either sAMAccountName=${username} or uid=${username}, depending on the selected directory type.

    If you require a more advanced search filter, enter the value in the following format: <Your attribute Name>=${username}. For more information, consult your directory administrators.

  3. Click Next.
    Note:

    If your directory server is SSL-enabled and presents an untrusted certificate, PingFederate prompts you to upload the server’s certificate. Click Choose Certificate, select the appropriate certificate, and click Next.

  4. In the Use Cases section, select the PingID VPN (RADIUS) check box. Click Begin.
  5. In the Basic Settings section, configure the basic settings:
    1. In the Client IP field, enter the IP address of the VPN server.
    2. In the Client Shared Secret field, enter the secret shared between the VPN server and PingFederate Bridge.
    3. Verify that the Validate with LDAP check box is selected.
    4. In the PingID Username Attribute field, enter the value you entered in the Search Filter field in step 2.
      Note:

      The integrated RADIUS server listens on port 1812 by default.

  6. Click Next.
  7. In the Provisioning section, verify that the Configure Provisioning check box is not selected. Click Next.
  8. In the Summary section, review your configuration. Click Done.
  9. Click Next.
  10. In the Basic Information section, in the Base URL field, enter https://<Your Server Domain>:9031.
    Note:

    <Your Server Domain> is your fully qualified domain name (FQDN).

  11. Click Next.
  12. To apply the configuration to PingFederate Bridge, click Next.
  13. Click Done.
PingID for VPN is now enabled in PingFederate Bridge.
Note:

For more information on configuring your VPN client/server settings, see Integrate PingID with your VPN/Remote access system.