Dynamic Device Configuration Elements

CONFIGURING OFF-NODE SERVER INFORMATION

Dynamic Device Option

USING MANAGE MODE

offnode

Allows you to change current settings for off-node server options. You may use this command to enable and configure the dynamic device option.

DEVICE NAME

A1 to 17-character, user-specified name. Any name may be entered. For dynamic devices, this name will not be used, but it must be entered to allow for creation of a device.

PAP PASSWORD

This password (a string of 1 to 12 ASCII characters) is used by PPP line protocol for PAP authentication. For dynamic devices, this password is not used unless the Outbound Authentication flag for the default device is enabled; but, either the password or secret is required regardless of the setting of the outbound authentication flag.

CHAP SECRET

This field (a string of 1 to 17 ASCII characters) is used by PPP line protocol for CHAP authentication. For dynamic devices, this secret is not used unless the Outbound Authentication flag for the default device is enabled; but, either the password or secret is required regardless of the setting of the outbound authentication flag.

OUTBOUND AUTHENTICATION

Since the main focus of this feature is not to require device-level authentication, the Outbound Authentication flag is disabled by default. However, if you would like to add additional security, you can enable outbound authentication for the default device. If this is the case, all terminal users dialing into the CyberSWITCH will need to pass user-level authentication, and configure their remote machines (i.e., Win95 dialup client) with:

•a user name that matches the name they will use for user-level security, and

•a password that matches the password/secret defined for the default device.

In this situation, everyone will have the same password/secret, but different names.

For more information on these and other device-level configuration elements, refer to On-node Device Database Configuration Elements.

BACKGROUND INFORMATION

Terminal Mode connections require both device-level + user-level security configurations. However, if you have a large number of users dialing in, you may not want to create an on-node or CSM database with devices for all possible users. If device-level authentication is not necessary, you can satisfy the device-level configuration requirement with the dynamic device option. This option allows the dynamic creation of devices, based on an authenticated user name, and with the device parameters associated with a “default” device. This “default” device is configured as part of the off-node server configuration. Configuration consists of enabling the dynamic device option, then specifying a PAP password or CHAP secret for the default device.

Once the dynamic device option is enabled, all terminal users dialing in will be given the same configuration parameters (such as IP enabled or disabled, etc.).

Enterasys Networks CSX6000, CSX5500, CSX7000 Dynamic Device Configuration Elements, Chap Secret

Models: CSX7000 CSX6000 CSX5500