Setting up securid authentication, Etting, Ecur – Compatible Systems INTRAPORT 2+ User Manual

Chapter 7 - Alternate Protocols and Security Parameters

53

attribute settings will require that you enter users in the Users text
file. See the user manual for your server for more information on
exporting, editing and importing the Users text file.

In addition to the RADIUS server settings, the user name, login pass-
word and tunnel secret must match the settings for each user in the User
Properties window of the VPN Client. The group configuration must
match one of the VPN group configurations in the IntraPort’s configu-
ration.

Setting up SecurID Authentication

If you are using Security Dynamic’s ACE/Server software for user
authentication, you must set up the IntraPort to communicate with the
ACE/Server.

The Security Dynamics ACE/Server software performs dynamic
two-factor SecurID authentication. Dynamic two-factor authentication
combines something the user knows – a memorized personal identifica-
tion number (PIN) – with something the user possesses – a SecurID
token which generates an unpredictable code every 60 seconds. This
combination of PIN and SecurID tokencode represents a one-time
PASSCODE and is transmitted to the ACE/Server software for verifica-
tion. See

Appendix C

of this manual for information on how to obtain

ACE/Server software and SecurID tokens.

To use ACE/Server software with the IntraPort, you will need the fol-
lowing:

•

ACE/Server software running on a supported platform (see the
ACE/Server Installation Guide or README document for a cur-
rent list of ACE/Server-supported platforms and other server
requirements)

•

The VPN Client software, which functions as an ACE/Agent, run-
ning on a supported platform

•

SecurID tokens, distributed to appropriate personnel who will use
them to access the ACE/Server-protected ACE Agents, including
the VPN Client.