Plug-in planning, Threads – Enterasys Networks Network Card User Manual

RiverMaster Administrator’s Guide

77

Chapter 4

Before You Begin

Setting Up Aurorean Services

NOTE

Enterasys Networks continually tests interoperability with other RADIUS

server vendors. Contact Enterasys Networks Customer Support for an

up-to-date list of approved RADIUS servers.

Plug-in Planning

You can add multiple plug-ins for RADIUS or SecurID authentication.
Typically, you add one plug-in for each RADIUS or SecurID authentication
server on your network and preserve the Enterasys Authentication plug-in
for RiverMaster logins. One plug-in must be designated as the default
plug-in. When you set up your Aurorean Virtual Network for the first time,
the default plug-in is Enterasys Authentication.

When Aurorean users attempt to tunnel into the corporate network, they
must present a VPN user name and password for authentication. If the
Aurorean Client user presents a simple user name such as BSmith, the user is
authenticated against the default plug-in. Aurorean users have the ability to
override the default and select another plug-in by adding an “@” symbol and
the identifier for the plug-in. For example, if you add a RADIUS plug-in with
the identifier RADIUS1, a Aurorean Client user can select this plug-in by
entering a VPN user name such as BSmith@RADIUS1.

Threads

You can accelerate the authentication of multiple users logging in at the same
time by increasing the number of threads (logins in progress) the
authenticating server will handle. This function is useful if you discover that
users are exceeding the timeout value allowed for authentication and are not
being connected because too many clients are dialing in simultaneously.

For instructions on customizing the Enterasys Authentication plug-in and
adding RADIUS and SecurID plug-ins, refer to “Adding an Authorization
Plug-In” on page 80.