Changing Encryption Key - 3Com 3C421600A Management Manual

Changing Encryption
Key
Users must logon locally to allow the user to use Windows NT security
with the RAS 1500. For example, follow these steps:
1 Log on to the NT Server as Administrator.
2 Open the Administrative Tools Program Group.
3 Double-click the User Manager for Domains Program Group icon. The
User Manager screen appears.
4 Click the single or multiple users you want to assign remote-access rights.
5 In the User Rights from Policies list, select "logon locally."
6 Click OK.
Table 52 shows NT event viewer messages that help when
troubleshooting the RAS 1500.
Table 52 Event Viewer Messages
Message ID Message
1 Security Service installed successfully
2 Security Service disabled
3 Security Service enabled successfully
with encryption key (key)
4 Security Service stopped
5 User successfully authenticated user
RAS 1500 IP Address
6 User failed to authenticate user
RAS 1500 IP Address
For security reason, the messages communicated between the RAS 1500
and the NT Security Client are encrypted with an Encryption Key. The
default Encryption Key is "3com". The Encryption Key is stored in the NT
Registry database in the entry of "EncryptionKey", under the subkey
HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\
ABSecurityClient.
You can change the default encryption key by using NT Registry Editor. If
you change the encryption key, make sure that you also update the
ScrtyClntPasswd parameter in the RAS 1500.
If the NT Security Client is already running when you change the
encryption key, you must disable the NT Security Client service and
re-enable the service for the changes to take effect.
NOS Authentication 191