Panasonic NN46110-600 User Manual
Page 59
Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".
Chapter 2 Configuring servers
49
The VPN Router can store all passwords encrypted with 3DES, but you
must first enable the feature. To enable 3DES, select
Servers > LDAP
and click
Enable TripleDES
. When you enable TripleDES, all passwords
within the box are encrypted with 3DES as well as any future passwords
that are entered.
You can also change the existing encryption key by enabling
TripleDES
and, in the
Encryption Key
dialog box, enter an 8 byte character string or
hexadecimal value. For more information on 3DES, see “Encrypting with
e
Confirm the password by reentering the server's
Secret
to verify that you
typed the password correctly.
f
Use the
reply-source-port
option to configure the port that the RADIUS
server uses as a source in the RADIUS authentication reply. The default
value is 0 (only allow a reply packet with the source port of 1645). The
UDP port that is used is the port configured in the Port attribute of the
RADIUS server configuration on the server Servers > RADIUS
Authentication window. The default value is 1645.
Reply-source-port is only necessary if you have a RADIUS server that
sends a RADIUS authentication reply with a UDP port that differs from
the originating UDP port. For example. if a RADIUS authentication
packet is sent from the VPN Router using the UDP source port 1100 and
UDP destination port 1645, the RADIUS server responds with a UDP
source port of 8500 and a destination UDP port of 1100. The VPN Router
is expecting a reply with a source UDP port of 1645 and a destination
UDP port of 1100. Therefore, this packet is dropped because the UDP
port 8500 is not open (by default) and the packet is filtered.
g
Click
Suppress-service-type
to remove the service type 8 attribute from
the radius access message and to return attributes to the VPN Router. This
is implemented to maintain forward compatibility with newer versions of
SBR.
4
In the
Response Timeout Interval
field, enter the frequency in seconds that
you want the VPN Router to wait before retrying to connect to the RADIUS
servers. By default, the VPN Router tries once every three seconds. The
minimum setting is 1.
Nortel VPN Router Security — Servers, Authentication, and Certificates