Connection settings

With Digipass Authentication for IIS Basic you can manage connections to multiple primary and/or backup authentication servers. This allows redundancy and load sharing over multiple servers.

Configuring servers and connections

Enable DNS lookup

Select this option to enable Domain Name System (DNS) lookup for available OneSpan Authentication Server instances. If DNS lookup is enabled, the server(s) to which Digipass Authentication for IIS Basic is connecting will be chosen in order of their weight value set in the DNS server record. Server order is randomized on equal weight.

If DNS lookup fails or is disabled, the static configuration values are used.

DNS server service name

Type the DNS record name used for the OneSpan Authentication Server instance in your DNS configuration. This value must match the name specified during the initial OneSpan Authentication Server configuration. It is not necessary (and not recommended) to change this value.

Digipass Authentication for IIS Basic performs DNS queries by appending ._tcp and all connection-specific DNS suffixes to the specified service name. For instance, if your primary DNS suffix is company.com, Digipass Authentication for IIS Basic queries _ias-soap._tcp and _ias-soap._tcp.company.com.

For best performance, set DNS server service name to a fully qualified name with a terminating dot (.), for example:

_ias-soap._tcp.company.com.

In that case, Digipass Authentication for IIS Basic performs a DNS lookup only with the specified value.

The default setting is _ias-soap.

Primary server location

Type the IP address of the primary OneSpan Authentication Server instance. This setting is used if DNS lookup fails or is disabled.

Primary server port

Type the IP port of the primary OneSpan Authentication Server instance. This setting is used if DNS lookup fails or is disabled.

The default setting is 8888.

Backup server location

Type the IP address of the backup OneSpan Authentication Server instance. This setting is used if DNS lookup fails or is disabled and the primary server is not available.

Backup server port

Type the IP port of the backup OneSpan Authentication Server instance. This setting is used if DNS lookup fails or is disabled and the primary server is not available.

The default setting is 8888.
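The lookup and fallback rules described above can be modeled to check which SRV names must exist in your DNS zones and which servers end up being tried. This is an added example, not OneSpan code: the function names, host names and addresses are constructed, and the direction of the weight ordering (heavier first) is an assumption, because the page does not state it.

```python
import random

def srv_query_names(service_name, dns_suffixes):
    """Names queried for a given 'DNS server service name' value."""
    if service_name.endswith("."):
        # Fully qualified with terminating dot: only this exact name is queried.
        return [service_name]
    base = service_name + "._tcp"
    return [base] + [base + "." + s.strip(".") for s in dns_suffixes]

def candidate_servers(srv_records, primary, backup, dns_enabled=True,
                      heavier_first=True, rng=random):
    """Ordered (host, port) list to try.

    srv_records: (target, port, weight) tuples from the SRV lookup; empty if it failed.
    heavier_first: ASSUMPTION, the page does not say which direction weights sort.
    """
    if not dns_enabled or not srv_records:
        # DNS lookup disabled or failed: static values, primary before backup.
        return [primary, backup]
    by_weight = {}
    for target, port, weight in srv_records:
        by_weight.setdefault(weight, []).append((target, port))
    ordered = []
    for weight in sorted(by_weight, reverse=heavier_first):
        group = by_weight[weight]
        rng.shuffle(group)  # equal weight: order is randomized
        ordered.extend(group)
    return ordered

# Constructed sample data (documentation addresses, not real servers).
SUFFIXES = ["company.com"]
RECORDS = [("auth1.company.com", 8888, 10),
           ("auth2.company.com", 8888, 5),
           ("auth3.company.com", 8888, 5)]
PRIMARY = ("192.0.2.10", 8888)
BACKUP = ("192.0.2.11", 8888)

if __name__ == "__main__":
    print(srv_query_names("_ias-soap", SUFFIXES))
    print(srv_query_names("_ias-soap._tcp.company.com.", SUFFIXES))
    print(candidate_servers(RECORDS, PRIMARY, BACKUP))
    print(candidate_servers([], PRIMARY, BACKUP))
```

Every name returned by srv_query_names for your suffix list should resolve only in zones you control, which is a further reason to use the fully qualified form.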

Verify server SSL certificate

Select this option to verify the server SSL certificate for validity when establishing secure connections via SSL, by checking whether the certificate is in the Trusted Root Certification Authorities certificate store. If this check box is cleared, any SSL certificate from the server will be accepted.

For more information about the server SSL certificate and certificate trust, see Server TLS/SSL certificate for secure communication.

Because accepting any SSL certificate from the server constitutes a major security risk, always select Verify server SSL certificate when in production mode.

You should disable this check only for evaluation or testing purposes, if required.

Connection timeout

Enter the maximum time allowed to establish a connection to OneSpan Authentication Server for online authentication. After the timeout, the connection attempt is considered failed and the authentication also fails. The value is given in seconds.

The default setting is 5.

Test connection

Click this button to verify that your connection settings are valid and a connection to the authentication server can be established. If the connection test fails, a corresponding error message will be displayed.

Standard Server Setup

This setup uses one main authentication server to handle requests from the web server, with a backup authentication server for use when the main server is busy or unavailable.

Standard server connection configuration