WALLIX Bastion

Contents

Install Trustelem Connect

Start by installing Trustelem Connect.
This will give Trustelem the ability to process LDAP and Radius authentications.
The documentation is the following:
https://trustelem-doc.wallix.com/books/trustelem-administration/page/ldap-radius-trustelem-connect
You don't need to read the chapter Setup an application to use Trustelem Connect, the specific instructions for a Bastion application will be detailed in the next chapters.
The common mistakes will be also detailed, but if the authentication is not working you should start by reading the Debug chapter in this LDAP-Radius - Trustelem Connect documentation.

Trustelem LDAP on Bastion

On Trustelem admin page

On the Bastion admin page

You now have a working LDAP authentication, with access to targets based on Trustelem groups.
/!\ Trustelem users will not be found by the Bastion before having an access rule (1 or 2 factors)
The documentation to defined the access rules is provided in the page: https://trustelem-doc.wallix.com/books/trustelem-administration/page/access-rules
For this kind of authentication, you need a LDAP access rule set to 1 factor if it will be conbined with a Radius authentication or 2 factors if not.

Trustelem Radius on Bastion for AD users

On Trustelem admin page

On the Bastion admin page

You can't test the authentication yet, first you need to define the access rules on Trustelem.
The documentation is provided in the page: https://trustelem-doc.wallix.com/books/trustelem-administration/page/access-rules
For this kind of authentication, you need a Radius access rule set to 2nd factor only If you want to skip the 2nd factor step for some users, you can select for them the rule Always allow instead on Trustelem.

If the authentication doesn't work correctly:

Trustelem Radius on Bastion for Bastion users

On Trustelem admin page

On the Bastion admin page

You can't test the authentication yet, first you need to define the access rules on Trustelem.
The documentation is provided in the page: https://trustelem-doc.wallix.com/books/trustelem-administration/page/access-rules
For this kind of authentication, you need a Radius access rule set to 2 factors

If the authentication doesn't work correctly:

Trustelem Radius on Bastion for Trustelem users

On Trustelem admin page

On the Bastion admin page

You can't test the authentication yet, first you need to define the access rules on Trustelem.
The documentation is provided in the page: https://trustelem-doc.wallix.com/books/trustelem-administration/page/access-rules
For this kind of authentication, you need a Radius access rule set to 2nd factor only If you want to skip the 2nd factor step for some users, you can select for them the rule Always allow instead on Trustelem.

If the authentication doesn't work correctly:


Revision #18
Created 1 July 2022 08:49:51 by WALLIX Admin
Updated 21 February 2024 09:38:55 by WALLIX Admin