RSA Security 6.1 manual Verifying a Shared Secret, Deleting a Radius Client

Page 60

Shared secret

d Click OK.

You must enter the same accounting shared secret when you configure the RADIUS client.

8Optionally, indicate whether you want to enable keepalive processing and specify how long the server waits for RADIUS packets from the client before assuming connectivity has been lost.

If you click the Assume down if no keepalive packets after checkbox, you can enter a value in the (seconds) field. If the server does not receive any RADIUS packets from this client after the specified number of seconds, the server assumes that the connection to the client is lost or that the client device has failed. When this happens, RSA RADIUS Server gracefully closes any user it has authenticated for the client. RSA RADIUS Server adjusts the counts of concurrent user connections appropriately.

NOTE: If the value you enter in the (seconds) field is too low, valid user or tunnel connections can be lost. For example, during low usage periods, a RAS device might not send any RADIUS packets to the RSA RADIUS Server, even though the device is still functioning.

Verifying a Shared Secret

To verify a shared secret on the RSA RADIUS Server:

1Open the RADIUS Clients panel.

2Select the RADIUS client whose shared secret you want to verify and click the Edit button (or double-click the RADIUS client entry).

The Edit RADIUS Client window opens.

3Enter the shared secret you think is assigned to the RADIUS client in the

field.

4Click the Validate button.

If you entered the correct shared secret, the Validation Successful window opens. Click OK.

Deleting a RADIUS Client

To delete a RADIUS client:

1Open the RADIUS Clients panel.

48

Administering RADIUS Clients

September 2005

Image 60

Contents RSA Radius Server 6.1 Administrator’s Guide Contact Information Trademarks Distribution Contents Chapter Installing the RSA Radius Server Chapter Administering Profiles Glossary Index About This Guide AudienceWhat’s In This Manual Syntax Conventions Related Documentation RSA Radius Server DocumentationVendor Information Requests for Comments RFCsGetting Support and Service Third-Party ProductsBefore You Call for Customer Support RSA Radius Server Features About RSA Radius ServerRSA Radius Server Overview About RSA Radius Server SeptemberRSA Radius Authentication Radius Packets Radius Configuration Radius Server ConfigurationRadius Client Configuration Shared Secrets RadiusRadius Secret Replication SecretNode Secret Authentication Radius PortsAccounting Accounting Sequence Comma-Delimited Log FilesTunneled Accounting Attributes DictionariesVendor-Specific Attributes Make/Model FieldChecklist Attributes Attribute ListsUpdating Attribute Information Attribute Values Return List AttributesMulti-Valued Attributes Default Values Orderable AttributesSystem Assigned Values Echo PropertyCentralized Configuration Management Replacing a Replica Radius Server Designating a New Primary Radius ServerRecovering a Replica After a Failed Download Changing the Name or IP Address of a ServerInstalling the RSA Radius Server Before You BeginRequired Files Data Migration/RegistrationInstalling on Windows System RequirementsInstalling the RSA Radius Server If you are installing a Replica RSA Radius Server, clickUninstalling the RSA Radius Server Software Installing on Solaris Installer SyntaxPath Installing the RSA Radius Server Software ReppkgEnter RSA administration port Stopping and Starting the Radius Daemon Migration Log File Installing on Linux Linux Server System RequirementsShould be overwritten Installing the RSA Radius Server Software Enter RSA administration port Etc/init.d/sbrd stop # ./uninstallrsa.sh Using RSA Radius Administrator Running RSA Radius AdministratorNavigating in RSA Radius Administrator RSA Radius Administrator MenusFile Menu See , Administering Radius Clients on Panel MenuRSA Radius Administrator Toolbar Web MenuHelp Menu RSA Radius Administrator Windows Adding an EntryEditing an Entry Sample Add WindowCutting/Copying/Pasting Records Sample Edit WindowUsing Context Menus Resizing ColumnsChanging Column Sequence Sorting InformationAccessing Online Help Displaying Version InformationAdding a License Key Exiting the RSA Radius Administrator Add a License for Server WindowAdministering Radius Clients Radius Clients PanelAdding a Radius Client Add Radius Client WindowSecret to display the characters in the shared secret Verifying a Shared Secret Deleting a Radius ClientPage Administering Radius Clients September Administering Profiles Adding a Checklist or Return List Attribute for a ProfileAbout Profiles Default Profile Resolving Profile and User AttributesSetting Up Profiles Adding a ProfileClick Add to add this attribute/value pair to the list Removing a Profile Administering Profiles September Displaying Server Authentication Statistics Displaying StatisticsStatistics Panel System Authentication Statistics Radius client is sending incorrectly formed packets to Displaying Server Accounting Statistics Statistics Panel System Accounting StatisticsAccounting Statistic Meaning Resetting Server Statistics Displaying Radius Client StatisticsOptionally, sort the messages by clicking a column header Displaying Statistics September Administering Radius Servers Replication Panel Adding a Radius Server ManuallyAdd Server Window Enabling a Radius Server Deleting a Radius ServerPublishing Server Configuration Information Notifying Replica Radius ServersRecovering a Replica After a Failed Download Designating a New Primary Radius ServerChanging the Name or IP Address of a Server Regenerating a Node Secret Resetting the Radius Database Administering Radius Servers September Using the Radius System Log LoggingLogging Files Level of Logging Detail Controlling Log File SizeUsing the Accounting Log Accounting Log File FormatFirst Line Headings Comma PlaceholdersStandard Radius Accounting Attributes Acct-Status-TypeAcct-Input-Packets Ldap Configuration Interface File P e n d i x aAbout the Ldap Configuration Interface Ldap UtilitiesLdap Requests Downloading the Ldap UtilitiesConfiguring the Ldap TCP Port Ldap Version ComplianceLdap Virtual Schema Available AttributesLdap Schema Slide 2 Ldap Schema Slide 3 Cn=username,o=radius -w passcode cachedPW Unspecified or 0.0.0.0 RAS IP address When you display Ldap Command Examples Searching for RecordsModifying Records Ldapmodify Option MeaningWhere Adding Records Deleting Records Statistics Variables Counter StatisticsStattype server Stattype authentication Stattype accountingRate Statistics Using the Ldap Configuration Interface September Glossary AAADNS Tokencode Radius Servers TLS 104 Glossary September Index Tokencode