Table of Contents
Advertisement
44 Chapter 2 Configuring servers
1
2
3
4
RADIUS authentication class attribute values
Figure 8
values for VPN Router users. C is the class attribute for country, and OU is the
class attribute for organizational unit.
NN46110-600
Set up and test the operation of the RADIUS server with ACE and/or
Defender servers, depending on the type of token security you want. Do this
before attempting authentication by an IPsec client to verify that everything
on this side of the network is operating properly.
Identify and create the groups for authenticating token users, and supply the
group ID and password to all users using either token card or group password
authentication. SecurID users are created and maintained in their respective
servers, not in the VPN Router. Add the groups in the Profiles > Groups >
IPsec window.
Define the RADIUS server configuration settings for token security.
Define the Tunnels settings for IPsec. Add a RADIUS server, if necessary
(see
"Configuring IPsec authentication" on page
shows the relationship between RADIUS authentication class attribute
47).
Advertisement
Table of Contents
