Getting Started with VOP Radius

Similar documents
RSA SecurID Ready Implementation Guide

This topic focuses on how to prepare a customer for support, and how to use the SAP support processes to solve your customer s problems.

Contents OVERVIEW... 3

GETTING STARTED WITH QUICKEN 2014 Windows Express Web Connect and Web Connect

TMT Fleet Maintenance Windows. TruckMate Installation Guide

Welcome to the course on the initial configuration process of the Intercompany Integration solution.

Pepperi Plugin for SAP Business One

Contents OVERVIEW... 3

CCC Wallboard Manager User Manual

GETTING STARTED WITH QUICKEN with Online Bill Pay 2010, 2009, and for Windows

Sage 100. Sage Payroll Services Getting Started Guide

SAP BusinessObjects Dashboard and Analytics Setup and Administration

Sage HRMS 2014 Sage Employee Self Service. Installation and Setup Guide. October has been retired. This version of the software

Setup & Usage - CanadaPost for Small Business App

Sage ERP Accpac Online 5.6

Sage HRMS 2014 Sage Employee Self Service Installation and Setup Guide. October 2013

Microsoft Dynamics GP. Personal Data Keeper

Then enter your PIN, also created during the enrollment process. After entering this data, select Submit.

SAP Business One for Universities

Dovico Planning & Timesheet v4 BEST PRACTICES

Deltek Touch Time & Expense for GovCon 1.2. User Guide

Getting Started Guide

ACD MIS SUPERVISOR S GUIDE

TMW Systems, Inc. TMW 3GTMS Integration Service Installation Guide

Frequently Asked Questions on Remote Support Platform for SAP Business One (RSP)

Integrating IBM Cognos Planning into a SSL enabled Dispatcher

SAP Business One Administrator's Guide

ACHIEVE FREIGHT CONTROL INSTALLATION GUIDE

Contents OVERVIEW... 3

BillQuick QuickBooks Integration

Classic Vista Payroll Delivery Enhancement Project (PDEP)

Orisoft Object-Oriented Human Resource Management System Suite. User Manual for ESS

ConnectWise-Sage 50 Accounts User Guide

Application Notes for configuring Teleopti WFM and Avaya Call Management System R17.4 using the ODBC Interface Issue 1.0

Contents OVERVIEW... 3 CONFIGURATION... 4

BillQuick MYOB Integration

OpenScape Business V2 Vodafone UK ITSP SIP Trunk Configuration

Eclipse Remote Order Entry. Release 9.0.2

Aldelo Liquor Controller Server User Manual

Tivoli Workload Scheduler

Oracle s Hyperion System 9 Strategic Finance

Upgrading from IBM Cognos Disclosure Management server version to version

Purchase Order, Requisitions, Inventory Hands On. Workshop: Purchase Order, Requisitions, Inventory Hands On

e-invoicing on the e-prior Supplier Portal

ACD MIS Supervisor Manual

UNITY CRM INTEGRATION AGILE CRM

Phone Manager Application Support JANUARY 2015 DOCUMENT RELEASE 4.2 APPLICATION SUPPORT

Table of Contents. HVAC Remote Manual 2010

HRJT Troubleshooting Personnel Entry

Before you can download your transactions with Quicken you will need internet access, your customer ID and password. *

CCM 1.1 Field Staff User Guide

ExpressMaintenance Release Notes

Allied Telesis AlliedView NMS System 12.1 SP1 Installation Guide Issue 2

MAINTAINING REQUISITIONS

HealthEquity Employer Portal Guide HealthEquity All rights reserved.

1Z Oracle Eloqua Marketing Cloud Service 2017 Implementation Essentials Exam Summary Syllabus Questions

IBM i Version 7.2. Systems management Advanced job scheduler IBM

bprobe Installation and Configuration Guide

Lead Scoring CRM Integration

Online Billing Guide. s Delta Dental of Virginia 4818 Starkey Road, Roanoke, VA Fax: DeltaDentalVA.

Exempt Leave Report Approvals

Russell Stover Vendor Portal Standard Operating Procedure

Version /2/2017. Offline User Guide

How to Configure the Workflow Service and Design the Workflow Process Templates

HOW INTEGRATION WORKS...

Module Simple Barcode Inventory User Manual Version 1.0

LET S TALK (916)

Web TimeSheet Integration Manager for Microsoft Project Server. Version 2.6 USER GUIDE

Off-Campus Work-Study Employer JobX Training Guide

UPS Shipping Setup for Conveyorware

AMI AutoAGENT Shop Floor Manager

Dovico Timesheet Hosted - May 2014 BEST PRACTICES

GETTING STARTED WITH QUICKEN with Online Bill Pay for Windows. Click the version you are looking for

Universal Time Clock TM. QuickBooks Plug-in User Guide

Decor Fusion Inventory Handheld Gun Usage Guide Version Date [Publish Date]

BillQuick-QuickBooks Advanced Integration Guide 2016

Productivity. PPS Cart: PulseNet Production Systems. Powerful Tools for Better Performance

Performing a Payroll Export to Payroll City

WAREHOUSE SUPPORT SITE

FrameworkFlow Installation & User Guide. 9/20/2018 Version

UAccess EMPLOYEE. Graduate Assistant-Associate Contracts (NOA) Updated v.1.00

BillQuick MYOB Integration

In this topic, we will cover the Solution Packager tool that enables partners and Software Solution Providers to create pre-packaged solutions for

Call Management Version 6.6 User Guide

CoLinear Systems, Inc. Manifest Shipping. General. v10

HICAPS and Medicare Integration

Session 1-3 and 1-4 Sage 300 CRE: Advanced Accounts Payable Lab (Parts 1 and 2) Presented by: Kathy Lewis Kathy Lewis Consulting

RIT ORACLE CAPITAL EQUIPMENT PHYSICAL INVENTORY

Standard ERP Integration with Avalara Sales Tax Setup and Workflow (USA and Canada) User Guide

VFO VENDOR ATOMS STANDARD OPERATING PROCEDURE

Emergency Responder and Intrado V9-1-1 Enterprise Services

Configuring IBM Cognos Controller 8 to use Access Manager Authentication

Procurement Services Training Manual. An Introduction to eprocurement and GeorgiaFIRST Marketplace

ArchiOffice QuickBooks Integration

IBM Cognos Series 7 to PowerPlay for IBM Cognos 8 Migration Installation and Configuration Checklist

Contents OVERVIEW... 3

Bill of Material (Product Build Report)

HOMISCO, INC. 99 Washington Street, Melrose, MA Tel: (781) Fax: (781)

Transcription:

Getting Started with VOP Radius VOP Radius Server for Windows Version: 4.0 July 16, 2004 Vircom Inc. 2055, Peel Suite 200 Montreal, Quebec Canada H3A 1V4 http://www.vircom.com

AUTHENTICATION METHOD... 3 USING VOP RADIUS WITH A REMOTE RADIUS SERVER (AS A PROXY)... 3 USING VOP RADIUS FOR STAND-ALONE ODBC AUTHENTICATION... 3 USING VOP RADIUS FOR STAND-ALONE TEXT AUTHENTICATION... 4 Remote Radius Database... 4 ODBC Database... 5 Text File Database... 6 NT-SAM Database... 6 CLIENT DEFINITIONS... 8 USER LOGIN LIMITS... 9 FALLBACK... 11 ROAMING OPTIONS... 12 RADIUS ACCOUNTING...13 USER LISTING... 14 ADMINISTRATIVE ALERTS... 15 2

Thank you for choosing VOP Radius as your authentication and accounting platform! This document is to be used in conjunction with the VOP Radius installation wizard. Simply follow this document step-by-step to complete your installation of RADIUS. Let s begin Authentication Method The third panel you should see when you run the wizard will ask you to select the authentication method you need. Here is a brief description of the three main methods of authentication available using the VOP Radius Server. Choose the authentication method you will be using: Using VOP Radius with a Remote RADIUS server (as a proxy) The VOP Radius will forward all incoming packets to a remote authentication and accounting RADIUS server or servers. In this case, the VOP Radius only acts as a proxy server. Using VOP Radius for Stand-alone ODBC authentication The VOP Radius will act as a Stand-alone RADIUS server using any ODBC compliant database such as Access, SQL server and Oracle, to gather all the necessary user information. If you're using and ODBC-based billing package, you will most probably be using this method. 3

Using VOP Radius for Stand-alone Text authentication Select this option if you want to use VOP Radius in conjunction with a user list in a text file, either in the Livingston format or the Unix password file format. A text file is also used in conjunction with NT SAM authentication as well. Choose the authentication method that suits your needs, and then click on the Next button. This will call up a panel based on your choice; each panel is described below: Remote Radius Database If you choose to use VOP Radius as a proxy server, you'll need to enter the appropriate information in the two fields and then click on the "Next" button to go to the next panel. Enter the information required in each field described below. Default Authentication RADIUS Server Enter the IP Address of the main RADIUS server you want to send the authentication information to. It will be used whenever we receive an access-request packet from a user without a roaming ID in its username. Default Accounting RADIUS Server Enter the IP Address of the main RADIUS server you want to send the accounting information to. It will be used whenever we receive an accounting-request packet from a user without a roaming ID in its username. 4

IMPORTANT: the default Authentication and Accounting RADIUS servers must be described under the client definitions (the next panel). The reason they need to be described there is because we need to know the shared secret that need to be used to communicate with them. Most of the time, the default authentication & accounting servers will be on the same machine. Once you click on the "Next" Button, you will go to the client definition screen. ODBC Database If you choose to use VOP Radius as a stand-alone server using the ODBC interface, you'll need to enter the appropriate information in the two fields and then click on the "Next" button to go to the next panel. Enter the information required in each field described below. Database Type If you are using any of these billing applications for authentication, you should click on the appropriate type. This will put the correct values into the different fields defined below. Note that you need to make sure that your datasource exists for your database type. In other words, a system DSN must have been created under Control-Panel -> 32 Bit ODBC to connect to your billing package's database. Datasource Specify the datasource that should be used for the ODBC authentication. Datasource User ID/Password 5

Specify the Username and Password that should be used when connecting to the above datasource. If none are required, just leave those fields blank. Note: If you choose Generic as the ODBC database method. The default ODBC interface is configured to work with the VOP Radius Access database. You can always modify the datasource to be used and attributes to be logged, by clicking on the ODBC Setup button (in the control panel configuration application) once you exit the install wizard application. Once you click on the "Next" Button, you will go to the client definition screen. Text File Database If you choose to use VOP Radius as a stand-alone server using the Text-File interface, you'll need to enter the appropriate information in the two fields and click on the "Next" button to go to the next panel. In this mode, VOP Radius uses a text file to gather all the necessary information (much like a UNIX RADIUS server). Type in the path to the text file you will be using. If it's a UNIX Password file, checkmark the option indicating that it is. If the text file will be used in conjunction with the NT-SAM database, checkmark the relevant option. The text file in question must follow the format outlined below. NT-SAM Database 6

It is recommended to use the text file with the 'Auth-Type = NT' because it allows you to use any RADIUS compliant attribute instead of being limited to the default attributes we provide when we're doing purely NT-SAM authentication, without a text file. If all of your users will have the same attributes you can choose to use one Default entry. For example: DEFAULT<TAB>Auth-Type = NT <TAB>Service-Type = Framed-User, <TAB>Framed-Protocol = PPP, <TAB>Port-Limit = 1 You can also assign specific RADIUS Profiles to each of your users, by simply adding each user and assigning the relevant attributes. Here is an example: Username<TAB>Auth-Type = NT <TAB>Service-Type = Framed-User, <TAB>Framed-Protocol = PPP, <TAB>Port-Limit = 1 Note: You can only configure the Users.txt file once you have successfully completed the configuration with the wizard. Once you click on the "Next" Button, you will go to the client definition screen. 7

Client Definitions This is where you define your Radius Clients, consisting of Terminal Servers, Roamer Servers and Remote Radius Servers. Each entry will appear in the box, as they are defined. In order to create a Radius Client entry, just click on the Add button. If you wish to modify an entry, just highlight it and click on Modify, or double click on the entry. If you click on "Add" or "Modify", a pop-up menu will appear with these entries to fill: Client Type: Enter the type of RADIUS Client. Most types of terminal servers are supported. If yours is not, select the "Other" type. In case you need to define RADIUS servers or Roamer servers for Roaming purposes (ID), enter the RadiusServer/Roamer Client Type. Name: Type in a name you want to identify this RADIUS client with. This can be any name, and doesn t need to be the actual HostName of the client. IP Address: Type in the IP address of the client. Secret: Case-sensitive shared secret that will be used to talk to the client or server. Make sure this secret matches the authentication & accounting secrets on the NAS. Once you click on the "Next" Button, you will go to the User Login Limits screen. 8

User Login Limits The following options are global settings that will allow you to limit all of your users to a single connection, unless otherwise specified. If you want to control the logon limits on a per user basis and you are using the VOP Radius as a stand-alone server, it is recommended to use the Port-Limit RADIUS attribute. Otherwise, you can use these settings instead. Prevent simultaneous connections on all users Every time a user is authenticated, the VOP Radius will verify if that user is already online on another port. If that user is currently online, he will be denied access on his second simultaneous connection attempt. The following options may only be used if the VOP Radius is preventing multiple logins. Only if Remote RADIUS Server is down The concurrency verification will only occur when the remote RADIUS server is not answering (whenever the users are authenticated through the VOP Radius cache). Allow ISDN users multiple logins The ISDN users coming in will be able to access multiple port/channels, while the Analog/ASYNC users will only have access to a single port/channel. ISDN users will only have access to 2 port/channels at the same time. 9

Allow Telnet/Rlogin users multiple logins The Login-Users coming in will be able to access multiple port/channels simultaneously with the same User name. This is mainly used to accept NVRAM defined users for automatic Rlogin/telnet connections. Verify Port-Limit upon Server Reply The concurrency verification will be applied after the reply from the Remote RADIUS server (roaming or default). If the packet contains a Port-Limit attribute, it will be used to validate the number of active sessions. If no Port-Limit is found, it will then revert to the above concurrency options. Once you click on the "Next" Button, you will go to the Fallback screen. 10

Fallback The Fallback mechanism is triggered whenever the primary method of authentication fails. By default, the Cache handles the RADIUS requests when this occurs. Here you can choose the kind of method you wish to use as a secondary database: ODBC Database, a TEXT (also includes NT SAM authentication) file or a remote RADIUS server. RADIUS Server IP Address: If you choose a remote RADIUS server, just add its IP ADDRESS. Note that you must have a RADIUS Client definition for this remote RADIUS server so we know what secret to use when communicating with it. Setup Button: Click on this button if you choose ODBC or TEXT as the secondary database method. When choosing ODBC as the secondary authentication method, the ODBC interface is configured to work with the VOP Radius Access database files by default. You can always modify the datasource to be used and attributes to be queried, by going to the cache tab of the configuration control panel window, once you exit the install wizard application. Apply Method if User not Found: This option can only be used if your Primary database is an ODBC or TEXT File. If this option is checked, every time an Access Request Username can t be found in the predefined primary database, the VOP Radius will try to find the Username in the secondary database, before returning an Access Reject packet. This also applies to any database IDs defined. Once you click on the "Next" Button, you will go to the Roaming Options screen. 11

Roaming Options This panel is "optional" in as much as, if you don't specify default Roamer server, VOP Radius will be used to authenticate packets with a Roaming ID that isn't defined in one of your client definitions. So if you don't plan on re-routing packets with an unknown roaming ID to an outside server, simply click on "Next" immediately to go to the next panel. If you do want to use a default roamer server, checkmark the "Do you wish to use a default roamer server?" option. Server's IP Address: By defining an IP Address in this field, the VOP Radius will forward all unknown roaming RADIUS packets to this server. An unknown roaming packet is defined as one which contains no predefined roaming ID in the client definitions. LOCAL Roaming ID s : This is where you define all of the Roaming ID s you wish to authenticate locally. Meaning that they will not get sent to the Default Roamer server. Precedence of roaming ID types: Source IP, DNIS ID, Database ID, Local ID, Roaming ID, Default Roamer ID Once you click on the "Next" Button, you will go to the RADIUS Accounting panel. 12

RADIUS Accounting Choose a method to store your user accounting information, either via a text-file or through an ODBC database. When choosing to store accounting packets in an ODBC database, the ODBC interface is configured to work with the VOP Radius Access database files by default. You can always modify the datasource to be used and attributes to be logged by clicking on the ODBC Setup button once you exit the install wizard application. Standard Format & VOP Radius Proprietary Format: If you check this box, then the Accounting log file will record each packet in the Standard Format. If the box in unchecked, each accounting packet will be displayed on one line with attributes separated by commas. Here is an example of both formats: Standard Format: Thu Jul 30 11:40:16 1998 Acct-Status-Type = Start NAS-IP-Address = 207.96.243.60 Acct-Delay-Time = 0 User-Name = "Jones" NAS-Port-Id = 2 Acct-Session-Id = "19.02.0" Acct-Authentic = RADIUS Service-Type = Framed-User VOP Radius Proprietary Format: "7/30/1998","11:40:16","40(1)","4(207.96.243.60)","41(0)","1(Jones)","5(2)","44(19.02.0)", "45(2)","6(7)" Once you click on the "Next" Button, you will go to the User Listing panel. 13

User Listing The VOP Radius server has an internal listing of all the RADIUS users currently online. By default, this listing is saved to a text file (VPRUsers.log). You also have the choice of storing/updating this user listing via an ODBC database. The ODBC interface is configured to work with the VOP Radius Access database files by default. You can always modify the datasource to be used and attributes to be logged, by clicking on the ODBC Setup button once you exit the install wizard application. An SQL Server script is available if you wish to create the VOP Radius User Listing table in your SQL Server (see the file Scripts.sql located in the VOP Radius program folder). Removing END Users from the Listing: By default, users in the END state will only be removed from the user listing after a period of 12 hours. This is useful to track modem/port problems, by verifying who was the last person online on a given port. The END state means the user is no longer online and the connection was terminated. If this option is checked, the VOP Radius will remove users within a period of 60 seconds of when they enter the End State. Once you click on the "Next" Button, you will go to the Administrative alerts screen. 14

Administrative Alerts This panel lets you specify your mail server address, in case you want to receive warnings or alerts concerning the operation of VOP Radius. Enter your SMTP server address and Email address here. Click on Next to finish the configuration process. 15

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback