Chapter 4

Before You Begin

Setting Up Aurorean Services

NOTE

Enterasys Networks continually tests interoperability with other RADIUS server vendors. Contact Enterasys Networks Customer Support for an up-to-date list of approved RADIUS servers.

Plug-in Planning

You can add multiple plug-ins for RADIUS or SecurID authentication. Typically, you add one plug-in for each RADIUS or SecurID authentication server on your network and preserve the Enterasys Authentication plug-in for RiverMaster logins. One plug-in must be designated as the default plug-in. When you set up your Aurorean Virtual Network for the first time, the default plug-in is Enterasys Authentication.

When Aurorean users attempt to tunnel into the corporate network, they must present a VPN user name and password for authentication. If the Aurorean Client user presents a simple user name such as BSmith, the user is authenticated against the default plug-in. Aurorean users have the ability to override the default and select another plug-in by adding an “@” symbol and the identifier for the plug-in. For example, if you add a RADIUS plug-in with the identifier RADIUS1, a Aurorean Client user can select this plug-in by entering a VPN user name such as BSmith@RADIUS1.

Threads

You can accelerate the authentication of multiple users logging in at the same time by increasing the number of threads (logins in progress) the authenticating server will handle. This function is useful if you discover that users are exceeding the timeout value allowed for authentication and are not being connected because too many clients are dialing in simultaneously.

For instructions on customizing the Enterasys Authentication plug-in and adding RADIUS and SecurID plug-ins, refer to “Adding an Authorization Plug-In” on page 80.

RiverMaster Administrator’s Guide

77

Page 89
Image 89
Enterasys Networks Network Card manual Plug-in Planning