beautypg.com

Setting the intraport for an ace/server, Ace/server settings – Compatible Systems INTRAPORT 2+ User Manual

Page 60

background image

54

Chapter 7 - Alternate Protocols and Security Parameters

Setting the IntraPort for an ACE/Server

Just a few basic settings are required for the IntraPort to communicate
with an ACE/Server.

• SecurID

on

• Encryption

method

ACE/Server IP address

Enable SecurID for a group of IntraPort users

CV: Use the SecurID Configuration Window (under Global/SecurID

Configuration) to set up a server. Use the SecurID tab in the VPN
Group Configuration Window to enable SecurID for a VPN
group.

TB: Use

the

configure command and set the Enabled, EncryptMeth

and PrimaryServer keywords in the SecurID section, then set
the SecurIDRequired keyword in a VPN Group Name section.

ACE/Server Settings

To configure the ACE/Server for communication with the IntraPort,
consult the ACE/Server Installation Guide. You should consult the
ACE/Server Administration Manual on the ACE/Server CD-ROM for
instructions on adding and removing users in the ACE/Server database.

v Note: The IntraPort should be configured as a communication server

in the Client Type pull-down menu in the ACE/Server’s Add Client
dialog box (under Client>Add Client).

v Note: The first time the IntraPort contacts the ACE/Server, they

exchange a secret based in part on the IntraPort’s IP address.
After the first exchange, the Sent Node Secret checkbox in the
ACE/Server’s Add Client dialog box (which can be accessed using
the Add Client option under the Client menu) will be checked. The
checkbox will be grayed out until this initial exchange has taken
place. Any major changes to the IntraPort’s configuration (such as
changing its IP address) will mean that the IntraPort and the
ACE/Server will no longer be able to communicate. To get around
this, simply uncheck the Sent Node Secret checkbox on the
ACE/Server and issue the reset securid secret command in the
IntraPort. Remember to save the changes to both devices. The two
devices will do a new secret exchange and will be able to communi-
cate again.