User`s guide
Table Of Contents
- Ascend Customer Service
- How to use this guide
- What you should know
- Documentation conventions
- How to use the on-board software
- Manual set
- Configuring WAN Connections
- Configuring IP Routing
- Introduction to IP routing on the Pipeline
- Managing the routing table
- Parameters that affect the routing table
- Static and dynamic routes
- Configuring static routes
- Specifying default routes on a per-user basis
- Enabling the Pipeline to use dynamic routing
- Route preferences
- Viewing the routing table
- Fields in the routing table
- Removing down routes to a host
- Identifying Temporary routes in the routing table
- Configuring IP routing connections
- Ascend Tunnel Management Protocol (ATMP)
- IP Address Management
- Connecting to a local IP network
- BOOTP Relay
- DHCP services
- Dial-in user DNS server assignments
- Local DNS host address table
- Network Address Translation (NAT) for a LAN
- Configuring IPX Routing
- How the Pipeline performs IPX routing
- Adding the Pipeline to the local IPX network
- Working with the RIP and SAP tables
- Configuring IPX routing connections
- Configuring the Pipeline as a Bridge
- Defining Filters and Firewalls
- Setting Up Pipeline Security
- Pipeline System Administration
- Pipeline 75 Voice Features
- IDSL Implementations
- APP Server utility
- About the APP Server utility
- APP Server installation and setup
- Configuring the Pipeline to use the APP server
- Using App Server with Axent SecureNet
- Creating banner text for the password prompt
- Installing and using the UNIX APP Server
- Installing and using the APP Server utility for DO...
- Installing and using the APP Server utility for Wi...
- Installing APP Server on a Macintosh
- Troubleshooting
- Upgrading system software
- What you need to upgrade system software
- Displaying the software load name
- The upgrade procedure
- Untitled
Setting Up Pipeline Security
Using security cards
7-18 Preliminary January 30, 1998 Pipeline User’s Guide
MAX (acting as the NAS). The NAS requests authentication from the RADIUS
server, which in turn contacts the external server.
Figure 7-1. RADIUS acting as client of ACE or Safeword server
When a user initiates a login to a secure site, the following events occur:
1
The calling unit (for example, a Pipeline) calls a NAS (the MAX).
2
The NAS requests authentication of the call from the RADIUS server.
3
The RADIUS server forwards the request to an ACE or Safeword server.
4
The ACE or Safeword server sends a challenge message (which may confirm
a null challenge) back through the RADIUS server and the NAS to the
calling unit.
5
A user on the remote network responds to the challenge message with the
current password, which is displayed on the security card.
If the user enters the correct password, network access is established.
If 60 seconds pass without a response to the challenge message, the call is
dropped.
If the user enters an incorrect password, the ACE or Safeword server sends
another challenge. After three incorrect passwords, the call is dropped.
Supporting outbound security card calls
The instructions in this section explain how you configure the Pipeline to place
calls to a remote NAS and to handle password challenges when they are returned
from the NAS.
WAN
MAX
(NAS)
User with
security card
ACE or SAFEWORD
RADIUS
Pipeline