Filter
Top Products
86
RiverMaster Administrator’s Guide
Adding an Authorization Plug-In Chapter 4
Setting Up Aurorean Services
11 In the Timeout field, enter the number of seconds the APS should
wait before resending an authentication request.
If the RADIUS server fails to respond to an authentication request
within the time specified, the APS automatically resends the request.
Depending upon the type of RADIUS server you use, set this field as
follows:
12 In the Retry field, enter the number of times the APS should resend
an authentication request.
For example, when this field is set to 2, the APS resends an
authentication request twice before declaring the RADIUS server
unreachable. Depending upon the type of RADIUS server you use,
set this field as follows:
13 If you were unable to create an Enterasys group on your RADIUS
server and need to reuse an existing group attribute, enter the
attribute number in the Group Attrib. field.
Authentication messages passed between the APS and the RADIUS
server must carry a group attribute. If the RADIUS server
management application prevented you from creating an Enterasys
group attribute, you can take over a pre-defined attribute and use it
for VPN authentication. For example, the standard attribute Login-
LAT-Group can be used by entering its number, 36, in this field. For a
complete list of attribute numbers, refer to the IETF RFC 2138.
Server Type Recommended Value
Steel-Belted RADIUS 10 seconds
MS RADIUS 10 seconds
SecurID over RADIUS 30 seconds
Server Type Recommended Value
Steel-Belted RADIUS 3 retries
MS RADIUS 3 retries
SecurID over RADIUS 1 retry