SafeNet Trusted Access for Array AG SSL VPN
Configuring SafeNet Trusted Access for Array AG SSL VPN is a three-step process:
1.Array AG SSL VPN setup
2.SafeNet Trusted Access setup
As a prerequisite, download the Identity Provider metadata from the SafeNet Trusted Access console by clicking on the Download metadata file button.
You will need this metadata in one of the steps below.
Perform the following steps to configure SafeNet Trusted Access as your Identity Provider in Array AG SSL VPN:
1.Log in to the Array AG SSL VPN administrator dashboard using the https://<Array AG SSL VPN IP address>:<Web UI Port Number configured for Array AG SSL VPN> URL.
2.On the administrator dashboard, in the left pane, under VIRTUAL SITES, click Virtual Sites.
3.In the right-pane, on the Virtual Sites tab, in the Site Name column, click on the virtual site name (for example, example) for which you want to implement SAML authentication.
4.In the left pane, at the top, select the Config mode, and then under SITE CONFIGURATION, click AAA.
5.In the right pane, click on the SAML tab, and then perform the following steps:
a.Under SAML CONFIGURATION:
•Select the Enable SAML check box.
•In the ACS Binding Type field, select Post.
•In the SLO Binding Type field, select Post, Redirect or Both as per your preferred configuration.
•Click APPLY CHANGES.
c.Under IDP LIST, click Add IDP and perform the following steps:
•Under IDP CONFIGURATION, in the IDP Name field, enter a name for the identity provider (for example, SAS).
•Under IDP ATTRIBUTES, in the User Name field, enter subject.nameid.
•Click APPLY CHANGES.
d.In the IDP LIST, the newly created identity provider (for example SAS) is listed. In the IDP Name column, double-click on the name of the newly created identity provider.
e.Under IMPORT IDP METADATA, click Choose File to search and select the metadata file that you download earlier from the SafeNet Trusted Access console and then click Import.
f.Click the SAML tab again.
g. Under IDP LIST, select the newly created identity provider (for example, SAS) and then click Authenticate.
6.On the pop-up window, click OK.
After completing the first step of configuring SafeNet Trusted Access in Array AG SSL VPN, the second step is to activate the Array AG SSL VPN application in SafeNet Trusted Access by performing the following steps:
1.In the Applications pane, you will notice that the Array AG SSL VPN application that you added previously is currently in inactive state by default. To configure and activate this application, click the application (for example, Array AG SSL VPN) and proceed to the next step.
2.Under STA Setup, click Upload Array AG SSL VPN Metadata.
3.On the Metadata upload window, click Browse to search and select the Array AG SSL VPN metadata that you downloaded earlier in step 5(b) of the Array AG SSL VPN Setup section.
Under Account Details, in the fields, the service provider’s metadata information is displayed.
4.Click Save Configuration to save the details and activate the Array AG SSL VPN application in SafeNet Trusted Access.
Navigate to the Virtual site URL, https://<IP address of the virtual server that is configured in Array AG SSL VPN>. You will be redirected to the SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the virtual site after authentication.
Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click on the Array AG SSL VPN application icon, you should be redirected to the virtual site after authentication.
© 2018 SafeNet Trusted Access. Various trademarks held by their respective owners.