Before You Begin

Chapter 4

 

Setting Up Aurorean Services

Private/Public Keys for IPSec Authentication

Aurorean users who tunnel into your network using the IPSec protocol also require an El Gamal public key for authentication. The key is an embedded piece of data used to encrypt and decrypt packets exchanged between Aurorean Client and the Aurorean Network Gateway. A pair of keys, one private and one public, is generated and saved on the APS.

The public key is included in the Aurorean Client installation kit you build and distribute for your remote users (as described in Chapter 6). The exchange of keys is handled entirely by the Aurorean Client application; the user does not need to know or type the public key.

However, if the private key on the APS becomes compromised, you may need to regenerate the private/public key pair and distribute files with the new public key to your remote users. Without the current public key, IPSec users will be unable to tunnel into the network. For instructions on generating a new private/public key pair, refer to “Generating Private/Public Keys” on page 91.

Problem Notification

The Notification service that runs on both the Management and Tunnel servers generates messages when the server experiences operational difficulty. The events that trigger these messages fall into three categories:

• Alarms notify you when a significant error occurs with a service running on an Aurorean Virtual Network system, or when a general system problem is preventing the server from operating normally.

• Alerts occur when an error count threshold has been crossed and an alarm condition is imminent.

• A Problem Notification typically indicates a remote client connection problem which Aurorean Client’s Prescriber feature diagnosed.

These messages appear in the View System Activity pullout and advanced message viewer (as described in Chapter 7) and can also be retrieved from system reports (as described in Chapter 8). For immediate notification when one of these events occurs, the APS can send E-mail to one or more persons


RiverMaster Administrator’s Guide

Enterasys Networks Network Card manual Private/Public Keys for IPSec Authentication, Problem Notification