Firewall Wizards mailing list archives
SUMMARY: Contivity ES1000 and SecurID
From: lemke () Research Panasonic COM (Kennedy Lemke)
Date: Fri, 16 Apr 1999 19:38:08 -0400
Hi, everyone--this is a followup to my query of 3/18/99 about how to get a Nortel Contivity box to talk to a Solaris SecurID server. I'm not including the original long note or the responses I got to save bandwidth, but will send to individuals if requested. The solution to the problem of getting our Contivity ES1000 box to talk to our SecurID server software was in understanding that there is an additional piece of software (a RADIUS server) that sits between the contivity box and the securid server. To authenticate a user via SecurID, the contivity box forwards an authentication query to a RADIUS server, which then talks to the aceserver. I was unclear precisely what a RADIUS server was or how to implement one, so special thanks to Chris Carlson for explaining it to me. The solution I implemented was to get the latest version of the software for the Contivity box (version 2_10.06) from Nortel, then the latest version of the SecurID aceserver software from Security Dynamics (version 3.3), which includes a RADIUS server for no extra licensing charge. It presumably would have also been possible to install a separate RADIUS server software product elsewhere on the network (some free implementations are available I believe), but I decided to use SDI's built-in server to try to reduce the number of different machines/vendors for this project. Bottom line is that our Contivity ES1000 VPN box is up and running and functioning as expected using SDI's RADIUS server in addition to their SecurID aceserver user authentication scheme (which we also use for dialin access). Thanks to all who responded. _____ _______ _____ Kennedy Lemke | __ \__ __|_ _| Computer Systems Manager | |__) | | | | | UNIX && TCP/IP Network administrator | ___/ | | | | Postmaster && Webmaster && News administrator | | | | _| |_ Panasonic Technologies, Inc. |_| |_| |_____| 2 Research Way Work: (609) 734-7329 Princeton, New Jersey 08540-6628 Fax: (609) 987-8827 Email: lemke () Research Panasonic COM
Current thread:
- SUMMARY: Contivity ES1000 and SecurID Kennedy Lemke (Apr 17)