Manualshelf

User Guide

ManualsBrandsAlcatel-Lucent ManualsIP PhoneOmniAccess 3500
81828384858687888990
OmniAccess 3500 Nonstop Laptop Guardian Administration Guide
o LAN Interface IP — IP address assigned to the LAN Ethernet interface of the
gateway. The LAN interface is connected to a private subnet of the enterprise.
o LAN Interface Netmask — Network mask for identification of the private
subnet of attachment of the LAN gateway interface.
o LAN Interface Next-hop Router — IP address of the next-hop-router within the
private subnet of attachment of the LAN gateway interface (the next-hop
router, or default gateway, should not be confused with the OmniAccess 3500
NLG gateway itself).
o LAN Interface Secondary IP — VPN address of the gateway, associated with the
LAN:1 virtual interface. The VPN address is used by cards and laptops to
communicate with the gateway (and vice versa) through the IPsec tunnel. It is
included in the inner IP header of the packets exchanged by the gateway with
the card and laptop over the IPsec tunnel. This entry must be filled with one IP
address when the gateway is first configured. Later on, any modification of the
VPN IP address of the gateway must be executed on the <GUARD_PRIVATE_IP>
server type of the [Gateway Configure-> Server Table Information] window,
reachable through the [Gateway|Configure Advanced Settings|Server Table]
path.
o LAN Interface Secondary Netmask — Network mask for the private subnet of
attachment of the LAN:1 virtual interface of the gateway.
o Root Password — Password for the root account on the OmniAccess 3500 NLG
gateway.
o Confirm Password — Confirmation replica of the root account password.
o Active Directory Server IP — IP address of the Active Directory server used by
the enterprise for authentication of the laptop users.
o User Authentication Type — The method used for authentication of the end
users. Possible values are <DOMAIN>, <RADIUS-LAX>, and <RADIUS-STRICT>. If
<DOMAIN> is selected, all users will be authenticated using KDC. If <RADIUS-
LAX> or <RADIUS-STRICT> is selected, a RADIUS server will authenticate all
users. More specifically, with <RADIUS-LAX> the user’s laptop obtains its
network parameters before submission of the authentication credentials by the
end user. With <RADIUS-STRICT>, instead, the network parameters will only be
granted after success of the RADIUS authentication.
o Radius IP Address — The IP address of the RADIUS server being used for
authentication.
o Radius Port —The destination port for authentication requests.
o Radius Secret —The authentication and encryption key for all RADIUS
communications between the gateway and the RADIUS server.
o Kerberos Realm— KDC domain of the OmniAccess 3500 NLG gateway. The KDC
domain name is the same as the enterprise domain name, but must be written
in uppercase letters.
o KDC FQDN — Fully Qualified Domain Name (FQDN) of the Active Directory
server.
80