Bay Networks Remote Annex Bedienungsanleitung PDF herunterladen (Seite 25)

Configuring the Nortel Networks Remote Access Concentrators and the DMS-10 for Remote Access.March 31, 1999 25

FIGURE 14. Port PPP security Setup

Figure 14 details all the important parameters that will need to be set for host based secu-

rity to take affect. It is optional to provide a local username and password, since dial in

access should probably be denied when the redundant security servers are unavailable.

If address_origin is set to “auth_server” the RAC will use the Framed-IP-Addresses from

the RADIUS server over any assigned on a per B-Channel basis. This allows only users

with the Framed-IP-Address attribiute set to get a unique IP address. If you are using a B-

Channel dedicated IP addresses.

TABLE 3. Port Security Precedence

5.5.9 System Logging

The RAC can provide extensive logging of its events during a call setup. This information

is extremely valuable when troubleshooting connection problems. These logs are normally

(default) sent to the console port unless a syslog device has been defined.

port_security port_password

Host Security

status

action

yes set up Will use host based security password

yes unset down Will use port_password

no set don’t care Will use port_password

no unset don’t care No security (no password)

yes unset down Can’t login

global port:

local_address: 0.0.0.0 metric: 1

slip_ppp_security:*Y net_inactivity: off

do_compression: N allow_compression: N

net_inactivity_units: minutes address_origin:*auth_server

ppp_mru: 1500 ppp_acm: 0x0

ppp_security_protocol:*chap-pap ppp_username_remote: ""

ppp_password_remote: "<unset>" ppp_ncp:*ipcp,mp

ppp_sec_auto: N mp_mrru: 1500

mp_endpoint_class: mac mp_endpoint_address: ""

ipcp_unnumbered: N drop_first_req: N

Turn on security for the PPP connection

Set the security to either chap or pap

Sets to protocols to MLPP or PPP. This speeds up connection

time since Apple Talk or IPX won’t be negotiated. The default

is Auto which tries all the protocols.

IP addresses for the PPP link will be obtained from

the authentication server, ie the RADIUS server. Options

Sets local username and password. RADIUS security has

precidence over these. These are used in the chap challenge.

Allow TCPIP Header compression. (Default is NO.)

Default is NO

are Local for B channel assigned or DHCP.*Note 1

admin: Show port ppp all

Show PPP parameters

Turns on SLIP header compression

The “secret” token is the ppp_password_remote.

*Note 1: With address_origin set to “RADIUS”, the Framed-IP-Address from the RADIUS server, if provided, will have precidence

over any IP address assignments made on the B-Channels.

Bay Networks Remote Annex Bedienungsanleitung Seite 25

Kommentare zu diesen Handbüchern

Bay Networks Remote Annex Bedienungsanleitung Seite 25

Kommentare zu diesen Handbüchern

Verwandte Produkte und Handbücher für Software Bay Networks Remote Annex