CONFIGURING SECURITY LEVEL

User Level Security

AUTHENTICATION PROCESS WITH USER LEVEL SECURITY

Making a Telnet Connection

In order to access user level security, you must first establish a Telnet connection to the CyberSWITCH. Depending upon your application, the prompts or procedures may vary; however, the information you need to provide is as follows:

host name: provide the IP address of the CyberSWITCH

port #: provide the port number of the authentication server that is connected to the system

emulation: VT100

Note that the system must be connected to the authentication server on the local LAN. Use the default value of the port number for the authentication server (RADIUS 7001, TACACS 7000, ACE 7003), unless you have changed this value in CFGEDIT. The emulation default is VT100. No change is required.

Once the Telnet connection is established, you will be prompted with a login screen.

Responding to LOGIN Prompts

The login display may vary, depending upon your database location, and the prompt order you have configured. Responses to prompts may vary, depending upon whether or not you have a security token card, and the type of security token card you have. The ACE and TACACS servers support the SecurID card; the RADIUS server does not.

If using the RADIUS server for user level authentication, enter your user Id and password onto your remote machine.

If using the ACE or TACACS server for user level authentication, procedure depends upon type of security token card.

With the SecurID PINPAD card, you enter your password onto the SecurID card, which in turn generates a dynamic password or passcode.

With the SecurID non-PINPAD card, you enter your password onto your remote machine. You then check your SecurID card for its current dynamic password or passcode.

The difference in card function is that the PINPAD card generates a dynamic password or passcode based upon your password entry; the non-PINPAD card generates a new dynamic password based upon an elapsed period of time.

Refer to the section below that summarizes the login procedure required for the type of server you are using.

RADIUS:

does not use security token card

1.Enter login Id.

2.Enter password.

Central Site Remote Access Switch 171

Page 171
Image 171
Enterasys Networks CSX5500, CSX6000, CSX7000 manual Making a Telnet Connection, Responding to Login Prompts