Alternate method of configuration, Ace authentication server configuration elements, Alternate method of configuration 221 – Enterasys Networks CSX6000 User Manual
Page 221: Ace a
Central Site Remote Access Switch 221
C
ONFIGURING
O
FF
-
NODE
S
ERVER
I
NFORMATION
ACE Authentication Server
b.
Specify the time between retries.
c.
Choose between the DES or SDI Encryption Method. The algorithm you select must be
compatible with the ACE Server setup.
d. You will also be prompted for a source IP address. This source IP address should be a valid
address for the CyberSWITCH. The IP address must match the IP address listed for the
system in the ACE Server host machine’s
/etc/hosts
file.
U
SING
M
ANAGE
M
ODE
C
OMMANDS
ace
Displays the current ACE Server configuration data.
ace change
Allows you to change the current ACE Server configuration data. After entering the
ace
change
command, you will be prompted for the configuration elements you want to change.
There is also an option to load the ACE configuration file. Use this option only if you have
selected the alternate method of configuring the ACE Server on the system using the
sdconf.rec
file.
ace reinit
Allows you to reinitialize the system ACE client. This is required only if the server’s IP address
or encryption method has been changed. A reinitialization removes the user-named services
file as described in the ACE Server documentation.
A
LTERNATE
M
ETHOD
OF
C
ONFIGURATION
There is an alternate method of configuring the ACE Server database using a file on the ACE Server
itself. If you decide to use this alternate method, you would TFTP the file sdconf.rec to the system,
placing it in the
\config
directory. You would then activate the “load” through CFGEDIT (screen
on
, selection 4) or through MANAGE MODE, using the
ace change
command. A restart
would also activate the “load.” After downloading the file, you will still need to specify the source
IP address.
For more information on the
sdconf.rec
file and this alternate method of configuration, refer to
the ACE Server documentation.
ACE A
UTHENTICATION
S
ERVER
C
ONFIGURATION
E
LEMENTS
IP A
DDRESS
The IP address in dotted decimal notation for the ACE Server. The IP address must match the
address used for the server in its host machine’s
\etc\hosts
file.
UDP P
ORT
N
UMBER
The UDP port number used by the ACE Server. The default value is 1024. This port number must
match the port listed for the SecurID service in the host machine’s
\etc\services
file.
N
UMBER
OF
A
CCESS
R
EQUEST
R
ETRIES
The number of Access Request Retries that the system will send to the ACE Server. The initial
default value is 3. The acceptable range is from 0 to 32,767.