beautypg.com

Alternate method of configuration, Ace authentication server configuration elements, Alternate method of configuration 221 – Enterasys Networks CSX6000 User Manual

Page 221: Ace a

background image

Central Site Remote Access Switch 221

C

ONFIGURING

O

FF

-

NODE

S

ERVER

I

NFORMATION

ACE Authentication Server

b.

Specify the time between retries.

c.

Choose between the DES or SDI Encryption Method. The algorithm you select must be
compatible with the ACE Server setup.

d. You will also be prompted for a source IP address. This source IP address should be a valid

address for the CyberSWITCH. The IP address must match the IP address listed for the
system in the ACE Server host machine’s

/etc/hosts

file.

U

SING

M

ANAGE

M

ODE

C

OMMANDS

ace

Displays the current ACE Server configuration data.

ace change

Allows you to change the current ACE Server configuration data. After entering the

ace

change

command, you will be prompted for the configuration elements you want to change.

There is also an option to load the ACE configuration file. Use this option only if you have
selected the alternate method of configuring the ACE Server on the system using the

sdconf.rec

file.

ace reinit

Allows you to reinitialize the system ACE client. This is required only if the server’s IP address
or encryption method has been changed. A reinitialization removes the user-named services
file as described in the ACE Server documentation.

A

LTERNATE

M

ETHOD

OF

C

ONFIGURATION

There is an alternate method of configuring the ACE Server database using a file on the ACE Server
itself. If you decide to use this alternate method, you would TFTP the file sdconf.rec to the system,
placing it in the

\config

directory. You would then activate the “load” through CFGEDIT (screen

on

page 220

, selection 4) or through MANAGE MODE, using the

ace change

command. A restart

would also activate the “load.” After downloading the file, you will still need to specify the source
IP address.

For more information on the

sdconf.rec

file and this alternate method of configuration, refer to

the ACE Server documentation.

ACE A

UTHENTICATION

S

ERVER

C

ONFIGURATION

E

LEMENTS

IP A

DDRESS

The IP address in dotted decimal notation for the ACE Server. The IP address must match the
address used for the server in its host machine’s

\etc\hosts

file.

UDP P

ORT

N

UMBER

The UDP port number used by the ACE Server. The default value is 1024. This port number must
match the port listed for the SecurID service in the host machine’s

\etc\services

file.

N

UMBER

OF

A

CCESS

R

EQUEST

R

ETRIES

The number of Access Request Retries that the system will send to the ACE Server. The initial
default value is 3. The acceptable range is from 0 to 32,767.

This manual is related to the following products: