Difference between revisions of "Bomgar"
m (1 revision imported) |
|
(No difference)
|
Latest revision as of 12:52, 11 May 2017
Contents
Introduction
This document describes the steps to configure Bomgar with Swivel as the authentication server. Swivel can provide Two Factor authentication with SMS, Token, Mobile Phone Client, It is not currently possible to embed the TURing or Pinpad within the login page/client but these can be provided instead by Taskbar or User Portal for strong Single Channel Authentication.
Prerequisites
Bomgar Account
Bomgar Documentation
Swivel 3.x, 3.5 or higher for RADIUS groups
To use the Single Channel Image such as the TURing Image, the Swivel server must be made accessible and the security string provided through the Taskbar, User Portal or other web page, usually through a NAT.
Baseline
Bomgar Product Version 14.2.2, Product Build 51805, API Version 1.12.0
Swivel 3.10.1
Architecture
The Bomgar software makes authentication requests against the Swivel server by RADIUS.
Swivel Configuration
Configuring the RADIUS server
On the Swivel Administration console configure the RADIUS Server and NAS, see RADIUS Configuration
Configuring Two Stage Authentication
The Bomgar client software supports Two Stage Authentication. It is suggested to initially configure just with an OTC and if Two stage authentication is required, configure this once everything has been tested and proven to be working.
See Challenge and Response How to Guide
Enabling Session creation with username
To allow the TURing image, Pinpad and other single channel images, under Server/Single Channel set Allow session request by username to Yes.
Setting up Swivel Dual Channel Transports
Used for SMS, see Transport Configuration
Bomgar Configuration
The following document provided by Bomgar outlines the integration setting on Bomgar: Bomgar RADIUS Integration.
Test the RADIUS authentication
The Bomgar configuration has a test tool, and at this stage it should be possible to authenticate by SMS, hardware Token, Mobile Phone Client and Taskbar to verify that the RADIUS authentication is working for users. Either using the test tool or through the the web login page, and enter Username and if being used, the password. From the Swivel Administration console select User Administration and the required user then View Strings, and select an appropriate authentication string or OTC for the user. At the OTP prompt enter the required OTC. Check the Swivel logs for a RADIUS success or rejected message. If no RADIUS message is seen, check that the Swivel RADIUS server is started and that the correct ports are being used, and is contactable.
If this works then the client software login can be tested.
Bomgar Client login
Bomgar client login uisng Two Stage Authentication
Optional
Testing
Additional Configuration Options
Troubleshooting
Known Issues and Limitations
None
Additional Information
For assistance in Swivel installation and configuration please firstly contact your reseller and then email Swivel Secure support at support@swivelsecure.com