Enabling OAAM for User Geo Location based Pre-Authentication
OAAM Configuration
1. Open browser and access OAAM Admin interface by URL http://<HOST>:<PORT>/oaam_admin
2. Provide admin user credentials and click on Login.
3. In the home page, Double click Groups from the left menu
4. Select Group Name as IP and Click on Search button.
5. Open My IP Range group-
6. Click the IP Ranges tab
7. Click on (+) icon.
8. Provide the IP range and click on Add Button.
9. IP range will be successfully added.
10. Final screen will look like-
11. Double click Policies from the left menu
12. Search and click to open the IP Check
13. Select the Rules tab
14. Click on (+) icon
15. Provide the following details.
Rule Name: Restricted IPs
Policy Name: IP Check
Rule Status: Active
Rule Notes: Restricted IPs
16. Go to Conditions tab and click on (+) icon.
17. Search for IP in Range condition. Select and Click on Add.
18. Select LOCATION: IP in Range condition and provide following values-
Is IP in IP range group: True
IP range group: My IP Range
19. Click the Save button
20. Go to Results tab. Provide the following details-
Action Group: OAAM Block
Alert Group: OAAM Restricted IP
21. Click on Apply.
Testing
1. Start Webgate for which you have configured TAP Scheme.
2. Access the protected Application URL – http://<WEBGATE_HOST>:<WEBGATE_PORT>/index.html
3. User will be redirected to OAAM Login Page. Provide the user name and click on Continue.
4. As my System’s IP is in blocked IP Address range, following message will be displayed.
5. Open My IP Range group-
6. Click the IP Ranges tab
7. Select and open the IP Range.
8. Provide the IP Range that is outside of your System’s IP and click on OK Button.
9. IP range will be successfully added.
10. Final screen will look like-
11. Logout and Login.
12. User will be redirected to OAAM Login Page. Provide the user name and click on Continue.
13. User selected device, image and phrase will be displayed.
14. Provide the Password of user and click on enter.
15. If user name and password successful then if KBA is enabled, following page will be displayed.
16. User provides the answer to the question and click on enter.
17. If answer to the question is correct then protected page will be displayed.