Chapter | Enterasys Networks Network Card specification

Adding an Authorization Plug-In

Chapter 4

Setting Up Aurorean Services

10Type the path of the SecurID configuration file (SDCONF.rec) in the ACE/Server and click OK or find the file on the network by clicking the browse button to the right of the field.

If you typed the correct path of the configuration file, it is downloaded to its proper site on the APS and the plug-in saved. If you clicked the browse button, an Open window appears prompting you to locate the file. When you find and select it, click Open and the Specify SecurID configuration file window will reappear. Then click OK and the process is complete. Optionally, you can copy the file off the ACE/Server to a floppy disk, load the disk in the RiverMaster floppy drive, and browse for the file on the a: drive.

NOTE

If a new SDCONF.rec becomes available, select the SecurID plug-in from the Auth Service list, click Properties and Update Configuration File, and repeat Step 10.

90	RiverMaster Administrator’s Guide

Image 102

Enterasys Networks Network Card manual Chapter

Contents

RiverMaster Administrator’s Guide Office Table of Contents Configuring an ANG-3000/7000 Setting Up Aurorean Services Managing Users & Groups Adding POPs for Corporate ISPs 114 Generating Reports Index Contents of the Guide About This Guide About This Guide Conventions Used in this Guide Related Documents Xii System Requirements Hardware Requirements Software Requirements Installing the ApplicationInstallation Steps Upgrading a Previous Release When the Welcome window appears, click Next to continue Installing the Application Starting the Application for the First Time First-Time Setup Information To start RiverMaster, perform the following steps Do one of the following Select APS Window RiverMaster Login Window RiverMaster Main Interface Removing RiverMaster Files Removing RiverMaster Files Default location for this folder is C\Program Files\ Locate the RiverMaster program folderDelete the RiverMaster folder Restart your computer Getting Started with RiverMaster RiverMaster Overview Curre Logging into RiverMaster Logging into RiverMaster Logging into RiverMaster Problem Summary & Users Logged Checking Server StatusChecking Server Status Aurorean Network Gateway Statistics Aurorean Network Gateway Status Information Aurorean Policy Server Statistics Aurorean Network Gateway Statistics Aurorean Policy Server Services Service Function If Stopped FTP Aurorean Policy Server Services Setting Up a Aurorean Virtual Network the First Time Setting Up a Aurorean Virtual Network the First Time Add user accounts to each group as described in Chapter Setting Up a Aurorean Virtual Network the First Time Page Configuring an ANG-3000/7000 Configuration Pullout Before You BeginBefore You Begin Allocating IP/IPX Addresses to Remote Clients Before You Begin Remote Client Virtual Subnet Usage Configuring an ANG-3000/7000 Virtual Subnets for Site-to-Site and Remote Access Tunnels Intelligent Client Routing Intelligent Client Routing Disabled Intelligent Client Routing Enabled Network NAT ServerAurorean Gateway Site-to-Site Configuration Site-to-Site Tunnels AutoLink Recovery Primary Aurorean System General Aurorean Network Gateway Settings General Aurorean Network Gateway Settings General Aurorean Network Gateway Settings Click the DNS tab DNS server addresses tab page appears as shown in Figure Click the Wins tab Wins Server Addresses Click the NAT tab NAT Server Address Aurorean Alternate Address Info window appears as shown Viewing Aurorean Alternate Address InformationClick Apply to save your changes Primary addresses cannot be modified in this window Tunnel Protocols Tunnel Protocols Tunnel Protocol General Settings Tunnel Protocols window appears as shown in Figure Click the Authentication tab Tunnel Protocol Authentication Settings Click the Encryption tab Do one of the following Parameter Explanation Tunnel Protocol Encryption Settings Click the Compression tab Tunnel Parameter Explanation Protocol Enable or disable Mppc as required Tunnel Protocol Compression Settings Sample IP subnet window is shown in Figure Virtual SubnettingIP Subnetting Virtual Subnetting Click Remove to delete any configured virtual subnets Click AddAdd An IP Virtual Subnet window appears as seen in Figure IPX Virtual Networks Sample IPX virtual networks window is shown in Figure IPX Subnet Configuration for Remote Clients Routing Routing Setting Routing Protocol Parameters RIP Configuration window should appear as shown in Figure RIP Routing Protocol Configuration Repeat and for each gateway required Do one of the following Parameter Meaning Fixed Value Ospf Configuration window appears as shown in Figure Ospf Routing Protocol Configuration Routing Interfaces Adding or Removing a Routing Protocol for an Interface Adding a Routing Protocol RIP Interface Configuration window appears as shown Choose the version of RIP to use on this interface Do one of the following To enable Ospf on an interface, perform the following steps Ospf Interface Configuration window appears as shown Do one of the following Static parameter tab page is displayed as shown in Figure Routing Click Add Adding a Remote Server Remote Server Display Click Add Remote Server Add Remote Server window appears as shown in Figure Choose the tunneling protocol IPSec or Pptp Click Add Add Remote Tunnel window appears as shown in FigureAdding a Remote Server Select Enabled or Disabled in the Enabled State field Changing Server and Tunnel Properties Remote Tunnel Properties window appears as shown in Figure Adding a Remote Server Page Setting Up Aurorean Services Authorization Plug-in Options Radius Authentication Servers Plug-in Planning Private/Public Keys for IPSec Authentication Problem Notification Trace Levels Adding an Authorization Plug-In Trace Messages Display Enterasys Authentication Shows the Configuration pullout Click here to update the plug-in Radius Authorization Optionally, specify a value in the Num Threads field Adding an Authorization Plug-In Chapter Optionally, specify a value in the Num Threads field Server Type Recommended Value SecurID Authorization Create New Plug-in window will appear as shown in Figure Adding an Authorization Plug-In Chapter Specify SecurID Configuration File Window Click Create Chapter Generating Private/Public Keys Chapter Using the Notification Service to Send E-Mail Creating a Mailing List Chapter Adding an Address to a Mailing List Using the Notification Service to Send E-Mail Chapter Setting Trace Levels ANG Tunnel Management Service Window Click Set to enable the Trace Level Backing Up the Database Click on Indus River Access Starting a Database Backup Click Start on Backup Database Window similar to will appear Backing Up the Database100 Controlling Remote User Dialing & Access 101 TollSaver Database 102 Corporate Dial-Up Access 103 Corporate 104 Creating POP Packages 105 Creating POP Packages 106 Build Completed Window 107 Adding Corporate ISPs 108 109 Click the ISP Properties tab ISP Properties display will appear as show in Figure110 Select the Access Method as follows Script files are not uploaded without the .SCP extension111 Adding Corporate ISPs 112 113 Adding POPs for Corporate ISPs Adding POPs for Corporate ISPs114 Pull-down options appear as shown in below 115 This field is currently not implemented 116 Script window appears as shown in Figure 117Page Managing Users & Groups 119 Manage Users & Groups Pullout 120 Group Policies 121 Aurorean Client Installation Kits 122 Contents of a Aurorean Client Installation Kit 123 Client Synchronization 124 125 126 Open the Manage Users and Groups pullout Creating a New GroupGroup Notices Creating a New Group Manage Users and Groups Pullout Group View 128 129 Policy Explanation 130 Password Policies 131 Credit Card Policies 132 Tunnel Policies 133 Adding Users to a Group Sample User view is shown in Figure134 Corporate User Name field, type a name for the user 135 Password field, type a unique password Department field automatically defaults to the group name136 Modifying User & Group Information 137 Removing Users & Groups 138 Sample Group view is shown in Figure Creating an Aurorean Client Installation KitCreating an Aurorean Client Installation Kit 139 Build Client Install Kit Window 140 Default Aurorean installation kit file name is Set the Install Kit Options as follows141 Advanced Kit Options Window 142 143 Kit Complete Message 144 Controlling Client Synchronization Controlling Client Synchronization145 Viewing Group Policies 146 Open the Configuration pullout Click the Update tab Building Core Data Files147 Build Core Data Files Display 148 Uploading Software Synchronization Files 149 Upload Software Synchronization Files Display 150 Click Upload to copy the file you chose onto the APS 151 Group Notice display appears as shown in Figure Setting Up Group NoticesSetting Up Group Notices 152 Chapter Managing Users & Groups 153 Click the arrow in the Group field and select a group Group pull-down screen appears as shown in Figure154 Write your notice in the text box Message you write is limited to 256 characters. See Figure155 Page Monitoring System Activity Current Message Activity157 Sample message activity view is shown in Figure To view message activity, perform the following stepsOpen the View System Activity pullout Monitoring System Activity System Activity Display 159 160 Message ID Message Type Detailed Description 161 Text 162 Tunnelid 163 Advanced Message Viewer 164 Advanced Message View Setup Example 165 Message Type Explanation 166 167 Advanced Message Viewer Results Example 168 Printing Messages 169 RiverMaster Options RiverMaster Options window displays as shown in Figure170 RiverMaster Options Window 171 172 Viewing Tunnel Activity Viewing Tunnel ActivityTunnel Statistics window appears similar to Figure 173 Describes the types of statistics you can choose Value Meaning Trends to Look For174 175 Using Snmp to Gather Statistics 176 Report Contents Generating Reports Report Contents Heading Explanation178 Network Gateway Report 179 Network Gateway Report Values 180 Max Tunnels GRE/IPSEC Display Network Gateway Report Client Anomaly Report 182 Client Report 183 Client Session Report Values 184 Conn Speed 185 Displays a typical Client Session Summary Report Client Session Summary Report Accounting Report 187 Displays a typical Accounting Summary Report 188 Accounting Summary Report Drill-down Accounting Detail Report Downloading, Viewing and Exporting Reports Downloading, Viewing and Exporting ReportsChoose from daily, weekly, monthly or custom options 190 191 Report Viewing Window 192 Printing Reports 193 Select Disk file in the Destination field Exporting ReportsExport window appears as shown in Figure 194 If you want this export format Go to 195 Choose Export File Window 196 Exporting Records Window 197 Export To Directory window appears as shown in Figure 198 Number and Date Format Dialog box appears as shown 199 Enter Odbc Table Name dialog box appears as shown 200 Select Workbook Window 201 Lines Per Page Dialog Box Format Options Dialog Box Exporting Reports to a Microsoft Exchange Folder 203 Select Exchange Folder in the Destination field and click OK Choose Profile Window Select a folder window appears as shown in Figure 205 Click on a folder to store the report and click OK 206 Exporting Reports Using Mapi 207 Send Mail window appears as shown in Figure Export is now complete208 Glossary 209 AutoLink Recovery 210 Generic Routing Encapsulation GRE 211 Network Administrator 212 Point-to-Point Tunneling Protocol Pptp 213 Remote Client/User 214 TollSaver Database 215Page ANG-3000/7000 Preconfiguration Stored on a Floppy Disk 217 Adding Remote Gateways Adding Remote GatewaysAdd Remote ANG window appears as shown in Figure 218 Add Remote ANG Window 219 Remote ANG Configuration screen appears as shown in Figure Configuring ANG IP AddressesUnder Remote Gateways, click Configure Remote Gateway 220 Click Next Configuring Tunnel ProtocolsEnter values in the open fields as follows 221 Configuring Tunnel Protocols 222 Click on the Authentication tab 223 Click the Encryption tab Do one of the following 224 225 Click the Compression tab Compression properties screen appears as shown in Figure226 Enable or disable Mppc as required 227 Configuring Virtual Subnets 228 229 Configuring Routing Protocols Configuring Routing Protocols230 231 Ospf Properties 232 233 Configuring Routing Interfaces Configuring Routing Interfaces234 235 Configuring RIP for the Interface 236 237 Configuring Ospf on an Interface Set the RIP Route Importing/Exporting options as follows238 Creating Static Routes 239 Appendix B 240 241 Creating Remote Connections Creating Remote Connections242 Remote Connection Configuration Window 243 Tunnel Values section, enter a User Name 244 245 246 Loading the Floppy Disk Loading the Floppy Disk247 Remove the floppy disk 248 Enterasys Networks License Agreement License Grant249 Warranty AppendixC250 Appendix C Infringement IndemnificationLimitation of Liability 251 Applicable Law TerminationInternational Provisions 252 Government Commercial Computer Software 253 Support from Enterasys Networks Technical SupportSupport from Authorized Resellers 254 Symbols Numerics255 Index 256 190-208 New257 110 109111 113 48, 224 259 Radius 260 203-206 261 UDP 262 263