Radius authentication service – Panasonic NN46110-600 User Manual

Chapter 2 Configuring servers

Once the primary external LDAP server is initialized, the VPN Router issues an ICMP echo request to all secondary server IP addresses and follows the previous procedure for each secondary server.

Because the VPN Router assumes only read/write access to the primary external LDAP server, it does not configure any secondary server directories for VPN Router directory storage. Instead, the VPN Router relies on the LDAP replication agreements between the primary LDAP server and secondary LDAP servers to populate the secondary servers with the appropriate directory information.

During normal operations, the VPN Router utilizes the primary external LDAP server. In the event of primary LDAP server failure, the VPN Router fails over to the next secondary LDAP server in succession. Only the servers marked up are attempted. Once the VPN Router detects the return of the primary server, it returns to normal operations and utilizes the primary server exclusively.

RADIUS authentication service

RADIUS is a distributed security system that verifies connection attributes and authenticates connections. It is available on both public and private interfaces. You enable RADIUS on the Services > RADIUS window. Packet flow is from external clients to the VPN Router interface IP and port. You configure the port on the Services > RADIUS window. To configure filters, go to the Services > Available window and in the Authentication Protocol section, click public or private for RADIUS.

When you enable RADIUS client authentication, the VPN Router acts as a RADIUS authentication client to external RADIUS authentication servers. You enable client authentication on the Servers > RADIUS Auth window. External authentication servers are located on either public or private networks. You determine the packet flow from the IP address/port that you configured on the Servers > RADIUS auth > RADIUS Servers > interface window to external servers and back. You control the filters from the Servers > RADIUS Auth > Enable Access to RADIUS Authentication window. When you enable RADIUS, public and private filters are put in place.

Nortel VPN Router Security — Servers, Authentication, and Certificates
