Network Setup Examples
Network Setup Example 1: Kerberos KDC
For this example:
- The Bomgar Appliance may or may not be located behind a corporate firewall.
- Representatives may or may not be on the same network as the Bomgar Appliance.
- Representatives belong as members to a Kerberos realm.
- Representatives can communicate with their KDC (typically over port 88 UDP).
- On the Kerberos KDC, register an SPN for your Bomgar Appliance hostname and then export the keytab for this SPN from your KDC.
- Log into your Bomgar Appliance's /login interface.
- Go to Users & Security > Kerberos Keytab.
- Under Import Keytab, browse to the exported keytab and then click Upload. You should now see this SPN under the list of Configured Principals.
- Go to Users & Security > Security Providers and click Configure New Provider.
- Enter a name for this security provider configuration and set the following options:
- Server Type: Kerberos
- Service Type: Users
- Click Add Provider.
- Choose if you want to synchronize display names and then select the following options:
- User Handling Mode: Allow all users
- SPN Handling Mode: Allow all SPNs
- Optionally, select to remove the REALM portion from the User Principal Name when constructing the Bomgar username.
- You may also select a default group policy for users who authentication against this Kerberos server.
- Click Add Provider to save this configuration.