USER’S GUIDE

ACE AUTHENTICATION SERVER

CONFIGURING AN ACE AUTHENTICATION SERVER

Note: In order for the CyberSWITCH to reference an ACE server, the following configuration steps must first be completed:

basic IP routing information must be configured for ACE

a LAN Network interface must be configured appropriately for the IP network connected to each LAN port on the system

at least one WAN Network Interface must be configured for ACE to be operable

After ACE configuration but before attempting to access the ACE Server, both the ACE Server and the CyberSWITCH need to agree upon a “secret.” After configuring the ACE server on the CyberSWITCH, issue the sentry ace system command. This command will establish the necessary secret for communications between the two systems.

USING CFGEDIT

1.Select option (4), ACE from the Off-node Server Information menu. If you need guidance to find this menu, refer to the instructions provided in the CSM Authentication Server configuration section. The following screen will be displayed:

ACE Authentication Server Menu:

 

 

Primary (Master) Server

 

 

 

is Not Configured

 

Secondary (Slave) Server

 

 

 

is Not Configured

 

Access Request

 

 

Number of Access Retries

is 3

 

Time between Retries

is 1 second

 

Encryption Method

SDI

 

Source IP address

is Not Configured

ACE Server Options:

 

1)

Primary (Master) Server

 

2)

Secondary (Slave) Server

 

3)

Miscellaneous Information

 

4)

Load ACE configuration file.

 

Select function from above or <RET> for previous menu: 1

2.Select Primary Server and enter the following information:

a.IP address of the Authentication Server

b.UDP port number used by the Authentication Server

3.If your configuration includes an ACE Slave server, then select Secondary Server. Enter its IP address. The UDP port number for the Master and Slave servers will be the same, regardless of which server configuration screen from which it is entered.

4.Select Miscellaneous Information to finish the configuration.

a.Specify the number of access request retries that the system will send to the Authentication Server.

220 CyberSWITCH

Page 220
Image 220
Enterasys Networks CSX6000, CSX5500, CSX7000 manual Configuring AN ACE Authentication Server