Related Manuals for Digital Networks IG-DRAS0-00
Summary of Contents for Digital Networks IG-DRAS0-00
-
Page 1: Installation Guide
Remote Access Security Server Installation Guide Part Number: IG-DRAS0-00 November 2004 This book describes how to install the Digital Networks Remote Access Security Server software. www.digitalnetworks.net... - Page 2 Digital Networks makes no representations that the use of its products in the manner described in this publication will not infringe on existing or future patent rights, nor do the descriptions contained in this publication imply the granting of licenses to make, use, or sell equipment or software in accordance with the description.
-
Page 3: Table Of Contents
Contents Preface Intended Audience .......................v Structure of This Guide......................v Conventions ........................vi Accessing Online Information ..................viii Chapter 1 Installation Overview.......................... 1-1 In This Chapter ......................1-1 Software Components....................1-1 Release Notes ......................1-1 Microsoft Windows NT and Windows 9x, 2000 Installation .......... 1-2 Preparing for Installation .................. - Page 4 Contents Running the DRAS Server in Debug Trace Mode..........1-16 Stopping the DRAS Server ..................1-17 Files Installed ......................1-17 Deinstallation ......................1-19 Postinstallation ....................... 1-19 Introduction......................1-19 Configuring Access Server Units ................1-20 Registering Access Server Clients ................1-21 Troubleshooting Management Connection Failures ..........
-
Page 5: Preface
Preface This guide explains how to install the Digital Networks Remote Access Security Server (DRAS) software for the following operating systems: • Microsoft Windows NT • Microsoft Windows 9x, 2000 (management utility only) • OpenVMS • Tru64 UNIX Intended Audience This guide is written for system or network administrators responsible for managing remote access network devices and remote access network connections. -
Page 6: Conventions
Preface Conventions This document uses the following symbol: symbol. Calls the reader’s attention to any item of information that may be of Note special importance. NOTES The following typographical conventions are used: Convention Description italics Italic text in commands indicates variables for which you must supply a value. -
Page 7: Related Documentation
RN-DNAS0-00 Network Access Software Documents any release consideration, Release Notes restrictions, and conditions for the Network Access Software. IG-DRAS0-00 Remote Access Security Server Provides instructions on how to install Installation Guide the Remote Access Security Server. MG-DRAS0-00 Remote Access Security Server... -
Page 8: Accessing Online Information
Preface Accessing Online Information Documentation Comments Digital Networks prides itself on responding to customer needs. To continue serving you, we need your comments. If you find errors in a document or want to make comments, please E-mail your comments to: TechnicalSupport@digitalnetworks.net... -
Page 9: Chapter 1 Installation
Chapter 1 Installation Overview In This Chapter This chapter provides instructions about installing the Digital Networks Remote Access Security (DRAS) software on systems that run Microsoft Windows NT or Windows 9x, 2000 operating systems. Software Components The following table lists the software components that the DRAS installation procedure... -
Page 10: Microsoft Windows Nt And Windows 9X, 2000 Installation
Installation Microsoft Windows NT and Windows 9x, 2000 Installation Preparing for Installation The following table lists the prerequisites for installing the DRAS software on a Microsoft Windows NT or Windows 9x, 2000 system: You Need This for And This for For This: the DRAS Server: the DRAS Manager:... -
Page 11: Installing The Software
Installation Installing the Software To install the software, do the following: Step Action Insert the DRAS installation CD into your CD-ROM drive and run the appropriate SETUP.EXE file using the Program Manager or the Start menu: • If installing on a Windows NT or Windows 9x, 2000 Intel system, run \DRAS\WINNT\I386\SETUP.EXE. -
Page 12: Starting The Dras Server
Installation Starting the DRAS Server After you install the DRAS Server as an NT service, do the following to start a DRAS Server at any time: Step Action Open the Control Panel. Run the Services application. Select Remote Access Security from the displayed list. Click Start to start the DRAS service. -
Page 13: Using Host Authentication On Windows Nt Domain Controllers
Installation Using HOST Authentication on Windows NT Domain Controllers If you install the DRAS Server on a Windows NT server that is a primary domain controller, you must change the account of any local user that is authenticated by HOST authentication: Step Action... -
Page 14: Running The Dras Server In Debug Trace Mode
Installation Step Action Select the user accounts from which you will interactively run the DRAS Server and add them as members of the DRAS Server group. Log out and then log on to enable the new privileges. Running the DRAS Server in Debug Trace Mode You can run the DRAS Server from the console in debug trace mode. - Page 15 Installation File Name Description DRASCOAR.DLL Accounting database interface DRASCOUR.DLL User and server database interface DRASCOSP.DLL Static password authentication module DRASCOWW.DLL WatchWord authentication module DRASCOCH.DLL CHAP authentication module DRASCODS.DLL Defender authentication module DRASCOHP.DLL Host password authentication module DRASCOSD.DLL SecurID authentication module DRASCOSK.DLL OTP authentication module SETUPDB.EXE...
-
Page 16: Files Installed On Windows 9X, 2000 Systems
Installation Files Installed on Windows 9x, 2000 Systems The following table lists the files that the installation procedure installs: File Name Description Files in \DRAS README.TXT Release Notes DRASMAN.EXE DRAS Manager executable DRASMAN.HLP DRAS Manager online help DRASRC.DLL DRAS Manager Windows resources DRASCOAR.DLL Accounting database interface DRASCOUR.DLL... -
Page 17: Deinstallation
Installation Deinstallation To remove the DRAS software, do the following: Step Action Bring up the Control Panel. Click Add/Remove Programs. Click Digital Networks Remote Access Security Server from the list of programs. Click the Add/Remove... button to remove the software. -
Page 18: Openvms Installation
Installation OpenVMS Installation Before You Install The following table lists the prerequisites required for installing the DRAS software on an OpenVMS system: You Need This And This For This: on VAX Systems: on Alpha Systems: Operating System OpenVMS 6.2 or higher OpenVMS 6.2 or higher Minimum disk space 1000 blocks... -
Page 19: Logicals
Installation Initial Database During installation, the procedure prompts you to enter information it needs to create the initial DRAS server database. The installation procedure populates the database with: • An administration group object (default name is ADMIN). • A users group object (default name is USERS). •... -
Page 20: Files Installed
Installation To run trace mode: Step Action Stop the server if it is running as a detached process. Make sure the logical name DRAS$DIR resolves to the location of the server database files. Define DRAS$TRACE_LEVEL as 5. Start the server using the following command: >... - Page 21 Installation File Name Description Files in SYS$COMMON:[SYSEXE] DRAS$SERVER.EXE DRAS server executable DRAS$MANAGER.EXE Management utility executable DRAS$CONFIG.INI Initialization file Files in SYS$COMMON:[SYSLIB] DRAS$COARSHR.EXE Accounting database interface DRAS$COCHSHR.EXE CHAP authentication module DRAS$COSPSHR.EXE Static password authentication module DRAS$COURSHR.EXE User and server database interface DRAS$COWWSHR.EXE WatchWord authentication module DRAS$COHPSHR.EXE...
-
Page 22: Tru64 Unix Installation
Installation True UNIX Installation Introduction To manage the DRAS server on a Tru64 UNIX system, install the DRAS Manager on a Windows NT or Windows 9x, 2000 system. Installing the Software To install the DRAS software on a Tru64 UNIX system (Version 3.2 or higher), do the following: Step Action... -
Page 23: Environment Variables
Installation Step Action Enter the management station’s Internet address and its secret when prompted. The installation procedure creates a database that contains: • An administration group object (default name is Admin). • A users group object (default name is Users). •... -
Page 24: Starting The Dras Server As A Console
Installation Starting the DRAS Server as a Console Do the following to start the DRAS server as a console: Step Action Log in as root or user with permission to access the DRAS server database. Enter the following command: # DRASD console The DRAS server starts when you reboot the system. -
Page 25: Stopping The Dras Server
Installation To run trace mode: Step Action Stop the server if it is running as a daemon. Make sure the environment variable DRAS_DIR points to the location of the server database files. Start the server using the following command: > # DRASD console The DRAS_TRACE_LEVEL environment variable contains the trace level and the default 5. - Page 26 Installation File Name Description drasserver Server executable setupdb SetupDb utility DRASD Start/stop script Files in /usr/opt/dras/callout drascoar.so Accounting database interface drascour.so User and server database interface drascosp.so Static password authentication module drascoww.so WatchWord authentication module drascoch.so CHAP authentication module drascohp.so Host password authentication module drascosd.so SecurID authentication module...
-
Page 27: Deinstallation
Installation Deinstallation To remove the DRAS software, do the following: Step Action Log in as root or super user. Deinstall the software by entering the following command: # setld -d DRAS0nn where nn is the current version number Postinstallation Introduction Ensure that your RADIUS clients are configured properly for RADIUS and IP operations. -
Page 28: Configuring Access Server Units
Installation Configuring Access Server Units To configure the access server unit, use access server console commands or the access server Manager. See the Network Access Software Management Guide or the Network Access Software Installation Guide for more information. The following table illustrates how to create a basic RADIUS configuration using the access server console commands: Step Action... -
Page 29: Registering Access Server Clients
Installation Registering Access Server Clients Register access server clients by their network IP addresses, even if the access servers are registered on a name server. An access server identifies itself in a RADIUS packet using the NAS-IP-Address attribute. The DRAS Server does not translate the IP address to a host name. -
Page 31: Dras Server Initialization File
Appendix A DRAS Server Initialization File Overview In This Appendix This appendix describes the following sections of the DRAS Server initialization file: • [Storage] Section • [Server] Section • [Policy] Section • [Ports] Section Initialization File Description File Names The DRAS installation procedure installs a server initialization file in the same directory where you install the DRAS data files. -
Page 32: Initialization File Example
DRAS Server Initialization File Initialization File Example The following example shows the initialization file from a Tru64 UNIX system. The following sections explain each part of the example. Tru64 UNIX drasconfig.ini File The following example shows a DRAS initialization file for a system running the Tru64 UNIX operating system. -
Page 33: [Storage] Section
DRAS Server Initialization File [Storage] Section Description The entries in the [Storage] section specify the location of the DRAS data files (excluding the initialization file). Entry Descriptions The following table describes the entries in the [Storage] section: Entry Default Value Description userdb •... -
Page 34: [Server] Section
DRAS Server Initialization File Entry Default Value Description accountingdb • OpenVMS: Defines the location of the accounting • DRAS$DIR:DRAS$ACCOUNTING.DAT database interface routines. • Windows NT: • %DRAS_DIR%DRASACCT.DAT • Tru64 UNIX: • %DRAS_DIR%drasaccounting.dat accounting • OpenVMS: DRAS$COAR Defines the location of the server callout •... -
Page 35: [Policy] Section
DRAS Server Initialization File [Policy] Section Description The entries in the [Policy] section determine whether the DRAS Server rejects a user’s request for access when it cannot find expected information in the user database. Policy Entry Values Policy entries have a value of Reject or Continue: •... -
Page 36: [Ports] Section
DRAS Server Initialization File Entry Default Value Description NoFramedSession Continue Defines the policy for a user whose entry in the user database includes a service type of Framed, but not the expected session definitions. NoLoginSession Continue Defines the policy for a user whose entry in the user database includes a service type of Login, but not the expected session definitions.
Need help?
Do you have a question about the IG-DRAS0-00 and is the answer not in the manual?
Questions and answers