Nortel Networks 5399, 8000 quick start Set the RAC’s ACP host, Set vcli security

Page 23

Quick-Start Guide

ACP Security on a Microsoft NT Server

To setup ACP security on a Windows NT Server, you can use native NT user accounts. Each user must have local logon access rights and belong to a group that has global authentication. The NT server must also have access to the domain’s Primary Domain Controller (PDC).

ACP Security on a UNIX Server

To setup ACP security on a UNIX server, perform the following:

1.Log on to the UNIX server as superuser.

2.Create the password file /usr/annex/acp_passwd. The format for acp_passwd is the same as /etc/passwd.

3.To add a user’s password enter username:: and then run ch_passwd.

Authentication Setup

Set up RAC to authenticate on the security server:

1.Log on to the RAC as superuser and run admin. Enable security on the RAC by typing:

admin: set annex enable_security y

2.Set the RAC’s ACP host.

admin: set annex pref_secure1_host <ip addr of ACP host>

3.Leave cli security off so you can access the RAC from the console. admin: set port cli_security n

4.Set vcli security.

admin: set annex vcli_security y

5.Reset the RAC for the configuration changes to take effect. admin: reset annex all

6.After the RAC is reset, try to log on to the RAC through a telnet session. If security is working you may go ahead and set cli security using the following admin command:

admin: set port cli_security y

300855-C Rev. 00

11

Image 23
Contents Page Statement of Conditions Copyright 1999 Nortel NetworksTrademarks Restricted Rights LegendIii Rev.00 Contents Page Before You Begin PrefaceText Conventions Acronyms Related Publications Technical Solutions Center Telephone Number How to Get HelpPage Quick-Start Tasks Quick-Start GuideQuick-Start Tasks IP Addresses Task 1 Site PreparationOrder Line Provisioning Software Image Task 2 Install RAC SoftwareTask 3 Install the RAC Boot SequencePress the space bar to enter monitor mode Task 4 RAC ConfigurationEnter r slot number to reset Set the Network Addresses At the ROM monitor prompt, enter seq. The system responds Configure the Interface SequenceSet the Operating Image Enable the allowsnmpsets Parameter Task 5 Boot the RACAdmin set wan=1 switchtype AT9 Task 6 Configure the Switch TypeACP Security Task 7 Set Switch ParametersTask 8 Configure Security Set vcli security Set the RAC’s ACP hostSet the RAC’s accounting host Configure the Radius host Set the RAC’s Radius hostRadius Security Set PPP security protocol Reboot the RAC for the configuration changes to take effectPPP Setup Task 10 Customizing the RAC Task 9 Reboot the RACSet up the RAC so that addresses are on the DS0s RoadmapTask Documentation Installing and Configuring the RACTask Tools and Documentation Windows NT Customizing the RACRAC Reference Documentation Quick-Start Guide