Configuring Parallels RAS to use the DualShield Authentication Platform
To configure Deepnet DualShield settings:
- Specify the following:
- Server: Hostname of the Deepnet server.
- Enable SSL: Whether to use SSL when connecting to the Deepnet server.
- Port: Port used for connection to the Deepnet server.
- Agent: Agent name that will be used during registration.
- Click the Check Connection button to test that the authentication server can be reached and to verify that the RAS Console is registered as a DualShield agent. If you see the "DeepNet server not valid" message, it could be dues to the following:
- The specified server information is incorrect
- You need ot allow auto registration of the Parallels components as a DualShield agent.
- If you need to allow auto registration of the Parallels components as a DualShield agent, do the following:
- Go back to the DualShield Management Console and select Agents from the Authentication menu as shown below.
- Select Auto Registration.
- Select the Enabled option and set the date range.
- Once the Agent Auto Registration is set, go back to the RAS Console and select Yes. You should see a message that the Dual Shield agent has been successfully registered.
Please note that all RAS Connection Brokers must be registered with Deepnet DualShield server. If you are using secondary Connection Brokers, you need to close all open windows until you can press Apply in the RAS Console. This will inform all the agents to self-register as DualShield agents.
- Go back to the RAS Console and click Next.
- Specify the following:
- Application: Name of the Application created in Configuring DualShield 5.6+ Authentication Platform.
- Default domain: Domain that will be used if the domain was not specified by the user, in the Theme properties or in the Connection settings.
- In the Mode drop-down list, and select how you want your users to be authenticated:
- Mandatory for all users means that every user using the system must log in using two-factor authentication.
- Create token for Domain Authenticated Users will allow Parallels RAS to automatically create software tokens for Domain Authenticated Users. Choose a token type from the drop-down list. Note that this option only works with software tokens, such as QuickID and MobileID
- Use only for users with a DualShield account will allow users that do not have a DualShield account to use the system without have to login using two-factor authentication.
- In the Allow channels section, select the channels that will be used to send OTPs to users.
- Click Finish.