Manuals / Enterasys Networks / Computer Equipment / Network Card

Enterasys Networks Network Card manual Server Type Recommended Value

Models: Network Card

1 276

Download 276 pages 57.43 Kb

Page 98

Adding an Authorization Plug-In	Chapter 4
	Setting Up Aurorean Services

11In the Timeout field, enter the number of seconds the APS should wait before resending an authentication request.

If the RADIUS server fails to respond to an authentication request within the time specified, the APS automatically resends the request. Depending upon the type of RADIUS server you use, set this field as follows:

Server Type	Recommended Value

Steel-Belted RADIUS	10 seconds

MS RADIUS	10 seconds

SecurID over RADIUS	30 seconds

12In the Retry field, enter the number of times the APS should resend an authentication request.

For example, when this field is set to 2, the APS resends an authentication request twice before declaring the RADIUS server unreachable. Depending upon the type of RADIUS server you use, set this field as follows:

Server Type	Recommended Value

Steel-Belted RADIUS	3 retries

MS RADIUS	3 retries

SecurID over RADIUS	1 retry

13If you were unable to create an Enterasys group on your RADIUS server and need to reuse an existing group attribute, enter the attribute number in the Group Attrib. field.

Authentication messages passed between the APS and the RADIUS server must carry a group attribute. If the RADIUS server management application prevented you from creating an Enterasys group attribute, you can take over a pre-defined attribute and use it for VPN authentication. For example, the standard attribute Login- LAT-Group can be used by entering its number, 36, in this field. For a complete list of attribute numbers, refer to the IETF RFC 2138.

86	RiverMaster Administrator’s Guide

Image 98

Enterasys Networks Network Card manual Server Type Recommended Value

Contents

RiverMaster Administrator’s Guide Office Table of Contents Configuring an ANG-3000/7000 Setting Up Aurorean Services Managing Users & Groups Adding POPs for Corporate ISPs 114Generating Reports Index Contents of the Guide About This GuideAbout This Guide Conventions Used in this Guide Related DocumentsXii System Requirements Hardware RequirementsSoftware Requirements Installing the ApplicationInstallation Steps Upgrading a Previous ReleaseWhen the Welcome window appears, click Next to continue Installing the ApplicationStarting the Application for the First Time First-Time Setup Information To start RiverMaster, perform the following stepsDo one of the following Select APS WindowRiverMaster Login Window RiverMaster Main Interface Removing RiverMaster Files Removing RiverMaster FilesDelete the RiverMaster folder Restart your computer Default location for this folder is C\Program Files\Locate the RiverMaster program folder Getting Started with RiverMaster RiverMaster OverviewCurre Logging into RiverMaster Logging into RiverMasterLogging into RiverMaster Checking Server Status Problem Summary & Users LoggedChecking Server Status Aurorean Network Gateway Statistics Aurorean Network Gateway Status InformationAurorean Policy Server Statistics Aurorean Network Gateway StatisticsAurorean Policy Server Services Service Function If StoppedFTP Aurorean Policy Server Services Setting Up a Aurorean Virtual Network the First Time Setting Up a Aurorean Virtual Network the First TimeAdd user accounts to each group as described in Chapter Setting Up a Aurorean Virtual Network the First Time Page Configuring an ANG-3000/7000 Before You Begin Configuration PulloutBefore You Begin Allocating IP/IPX Addresses to Remote Clients Before You Begin Remote Client Virtual Subnet Usage Configuring an ANG-3000/7000 Virtual Subnets for Site-to-Site and Remote Access Tunnels Intelligent Client RoutingIntelligent Client Routing Disabled Intelligent Client Routing EnabledNetwork NAT ServerAurorean GatewaySite-to-Site Configuration Site-to-Site TunnelsAutoLink Recovery Primary Aurorean System General Aurorean Network Gateway Settings General Aurorean Network Gateway SettingsGeneral Aurorean Network Gateway Settings Click the DNS tab DNS server addresses tab page appears as shown in FigureClick the Wins tab Wins Server AddressesClick the NAT tab NAT Server AddressAurorean Alternate Address Info window appears as shown Viewing Aurorean Alternate Address InformationClick Apply to save your changes Primary addresses cannot be modified in this windowTunnel Protocols Tunnel ProtocolsTunnel Protocol General Settings Tunnel Protocols window appears as shown in FigureClick the Authentication tab Tunnel Protocol Authentication SettingsClick the Encryption tab Do one of the following Parameter ExplanationTunnel Protocol Encryption Settings Click the Compression tab Tunnel Parameter Explanation ProtocolEnable or disable Mppc as required Tunnel Protocol Compression SettingsSample IP subnet window is shown in Figure Virtual SubnettingIP Subnetting Virtual SubnettingAdd An IP Virtual Subnet window appears as seen in Figure Click Remove to delete any configured virtual subnetsClick Add IPX Virtual Networks Sample IPX virtual networks window is shown in FigureIPX Subnet Configuration for Remote Clients Routing RoutingSetting Routing Protocol Parameters RIP Configuration window should appear as shown in FigureRIP Routing Protocol Configuration Repeat and for each gateway required Do one of the following Parameter Meaning Fixed ValueOspf Configuration window appears as shown in Figure Ospf Routing Protocol ConfigurationRouting Interfaces Adding or Removing a Routing Protocol for an Interface Adding a Routing Protocol RIP Interface Configuration window appears as shown Choose the version of RIP to use on this interfaceDo one of the following To enable Ospf on an interface, perform the following steps Ospf Interface Configuration window appears as shownDo one of the following Static parameter tab page is displayed as shown in FigureRouting Click Add Adding a Remote Server Remote Server DisplayClick Add Remote Server Add Remote Server window appears as shown in FigureAdding a Remote Server Choose the tunneling protocol IPSec or Pptp Click AddAdd Remote Tunnel window appears as shown in Figure Select Enabled or Disabled in the Enabled State field Changing Server and Tunnel PropertiesRemote Tunnel Properties window appears as shown in Figure Adding a Remote Server Page Setting Up Aurorean Services Authorization Plug-in Options Radius Authentication ServersPlug-in Planning Private/Public Keys for IPSec Authentication Problem NotificationTrace Levels Adding an Authorization Plug-In Trace Messages DisplayEnterasys Authentication Shows the Configuration pulloutClick here to update the plug-in Radius Authorization Optionally, specify a value in the Num Threads fieldAdding an Authorization Plug-In Chapter Optionally, specify a value in the Num Threads field Server Type Recommended Value SecurID Authorization Create New Plug-in window will appear as shown in FigureAdding an Authorization Plug-In Chapter Specify SecurID Configuration File Window Click CreateChapter Generating Private/Public Keys Chapter Using the Notification Service to Send E-Mail Creating a Mailing ListChapter Adding an Address to a Mailing List Using the Notification Service to Send E-Mail Chapter Setting Trace Levels ANG Tunnel Management Service WindowClick Set to enable the Trace Level Backing Up the DatabaseClick on Indus River Access Starting a Database Backup Click Start on Backup Database100 Window similar to will appearBacking Up the Database Controlling Remote User Dialing & Access 101TollSaver Database 102Corporate Dial-Up Access 103Corporate 104Creating POP Packages 105Creating POP Packages 106Build Completed Window 107Adding Corporate ISPs 108109 110 Click the ISP Properties tabISP Properties display will appear as show in Figure 111 Select the Access Method as followsScript files are not uploaded without the .SCP extension Adding Corporate ISPs 112113 114 Adding POPs for Corporate ISPsAdding POPs for Corporate ISPs Pull-down options appear as shown in below 115This field is currently not implemented 116Script window appears as shown in Figure 117Page Managing Users & Groups 119Manage Users & Groups Pullout 120Group Policies 121Aurorean Client Installation Kits 122Contents of a Aurorean Client Installation Kit 123Client Synchronization 124125 126 Open the Manage Users and Groups pullout Creating a New GroupGroup Notices Creating a New GroupManage Users and Groups Pullout Group View 128129 Policy Explanation 130Password Policies 131Credit Card Policies 132Tunnel Policies 133134 Adding Users to a GroupSample User view is shown in Figure Corporate User Name field, type a name for the user 135136 Password field, type a unique passwordDepartment field automatically defaults to the group name Modifying User & Group Information 137Removing Users & Groups 138Sample Group view is shown in Figure Creating an Aurorean Client Installation KitCreating an Aurorean Client Installation Kit 139Build Client Install Kit Window 140141 Default Aurorean installation kit file name isSet the Install Kit Options as follows Advanced Kit Options Window 142143 Kit Complete Message 144145 Controlling Client SynchronizationControlling Client Synchronization Viewing Group Policies 146147 Open the Configuration pullout Click the Update tabBuilding Core Data Files Build Core Data Files Display 148Uploading Software Synchronization Files 149Upload Software Synchronization Files Display 150Click Upload to copy the file you chose onto the APS 151Group Notice display appears as shown in Figure Setting Up Group NoticesSetting Up Group Notices 152Chapter Managing Users & Groups 153154 Click the arrow in the Group field and select a groupGroup pull-down screen appears as shown in Figure 155 Write your notice in the text boxMessage you write is limited to 256 characters. See Figure Page 157 Monitoring System ActivityCurrent Message Activity Sample message activity view is shown in Figure To view message activity, perform the following stepsOpen the View System Activity pullout Monitoring System ActivitySystem Activity Display 159160 Message ID Message Type Detailed Description 161Text 162Tunnelid 163Advanced Message Viewer 164Advanced Message View Setup Example 165Message Type Explanation 166167 Advanced Message Viewer Results Example 168Printing Messages 169170 RiverMaster OptionsRiverMaster Options window displays as shown in Figure RiverMaster Options Window 171172 Viewing Tunnel Activity Viewing Tunnel ActivityTunnel Statistics window appears similar to Figure 173174 Describes the types of statistics you can chooseValue Meaning Trends to Look For 175 Using Snmp to Gather Statistics 176Report Contents Generating Reports178 Report ContentsHeading Explanation Network Gateway Report 179Network Gateway Report Values 180Max Tunnels GRE/IPSEC Display Network Gateway ReportClient Anomaly Report 182Client Report 183Client Session Report Values 184Conn Speed 185Displays a typical Client Session Summary Report Client Session Summary ReportAccounting Report 187Displays a typical Accounting Summary Report 188Accounting Summary Report Drill-down Accounting Detail ReportDownloading, Viewing and Exporting Reports Downloading, Viewing and Exporting ReportsChoose from daily, weekly, monthly or custom options 190191 Report Viewing Window 192Printing Reports 193Select Disk file in the Destination field Exporting ReportsExport window appears as shown in Figure 194If you want this export format Go to 195Choose Export File Window 196Exporting Records Window 197Export To Directory window appears as shown in Figure 198Number and Date Format Dialog box appears as shown 199Enter Odbc Table Name dialog box appears as shown 200Select Workbook Window 201Lines Per Page Dialog Box Format Options Dialog BoxExporting Reports to a Microsoft Exchange Folder 203Select Exchange Folder in the Destination field and click OK Choose Profile WindowSelect a folder window appears as shown in Figure 205Click on a folder to store the report and click OK 206Exporting Reports Using Mapi 207208 Send Mail window appears as shown in FigureExport is now complete Glossary 209AutoLink Recovery 210Generic Routing Encapsulation GRE 211Network Administrator 212Point-to-Point Tunneling Protocol Pptp 213Remote Client/User 214TollSaver Database 215Page ANG-3000/7000 Preconfiguration Stored on a Floppy Disk 217Adding Remote Gateways Adding Remote GatewaysAdd Remote ANG window appears as shown in Figure 218Add Remote ANG Window 219Remote ANG Configuration screen appears as shown in Figure Configuring ANG IP AddressesUnder Remote Gateways, click Configure Remote Gateway 220Click Next Configuring Tunnel ProtocolsEnter values in the open fields as follows 221Configuring Tunnel Protocols 222Click on the Authentication tab 223Click the Encryption tab Do one of the following 224225 226 Click the Compression tabCompression properties screen appears as shown in Figure Enable or disable Mppc as required 227Configuring Virtual Subnets 228229 230 Configuring Routing ProtocolsConfiguring Routing Protocols 231 Ospf Properties 232233 234 Configuring Routing InterfacesConfiguring Routing Interfaces 235 Configuring RIP for the Interface 236237 238 Configuring Ospf on an InterfaceSet the RIP Route Importing/Exporting options as follows Creating Static Routes 239Appendix B 240241 242 Creating Remote ConnectionsCreating Remote Connections Remote Connection Configuration Window 243Tunnel Values section, enter a User Name 244245 246 247 Loading the Floppy DiskLoading the Floppy Disk Remove the floppy disk 248249 Enterasys Networks License AgreementLicense Grant 250 WarrantyAppendixC Appendix C Infringement IndemnificationLimitation of Liability 251Applicable Law TerminationInternational Provisions 252Government Commercial Computer Software 253Support from Enterasys Networks Technical SupportSupport from Authorized Resellers 254255 SymbolsNumerics Index 256257 190-208New 110 109111 11348, 224 259Radius 260203-206 261UDP 262263