Log on to the Secure SD-WAN Manager using certificate-based authentication

You can log on to the Secure SD-WAN Manager using an X.509 certificate stored in the Windows certificate store or on a smart card, such as a Common Access Card (CAC).

Before you begin

To use smart cards for authentication, you must have smart card reader hardware and software.

To use certificate files for authentication, you must save the certificates in the Windows certificate store.

You must export the TLS Credentials element that is used by the Management Server, import the certificate on each administrator's computer, and configure the operating system to trust the certificate.

Note: Certificate-based authentication is only supported for Management Clients installed in Windows 10. Certificate-based authentication is not supported for Web Portal Users.

For more details about the product and how to configure features, click Help or press F1.

Steps

  1. If you have a smart card, insert the smart card into the smart card reader.
  2. Click , then select Client Certificate from the Authentication Method options.
  3. Select the Management Server in one of the following ways.
    • Select an existing Management Server IP address or DNS name.
    • Click Add Management Server, then enter the IP address or DNS name of the Management Server.
  4. Click Log On.
  5. (First logon only) To accept the certificate chain for the Management Server, click Accept.
  6. If there is more than one certificate on the smart card or in the Windows certificate store, select the certificate to use for authentication, then click Select.
  7. (Smart card only) In the PIN field, enter then PIN for the smart card, then click Login

Result

After you log on to the Management Client, the Management Client shows the date and time when you last logged on to the Management Client, and the IP address from which you last logged on. If your administrator permissions have been changed since the last time you logged on, you are notified that your permissions have been changed.

Logon dialog box

Use this dialog box to log on to the Management Client.

Option Definition
Additional options for how to log on to the Management Client.
  • Authentication Method — Specifies the type of credentials that you use to log on to the Management Client.
    • User Name and Password — Allows you to log on to the Management Client using a user name and password.
    • Client Certificate — Allows you to log on to the Management Client using certificate-based authentication, such as a Common Access Card (CAC).
  • Language — Allows you to change the language of the Management Client user interface.
Select a Management Server

Click the Management Server to which you want to log on.

To remove a Management Server from the list, click X.

Add Management Server Adds an entry to the list of Management Servers. Enter the IP address or DNS name of the Management Server you want to use.
User Name

(When Authentication Method is User Name and Password)

Enter your user name.
Password

(When Authentication Method is User Name and Password)

Enter your password.
Log On Logs you on to the Management Client.