Manualshelf

Installation guide

ManualsBrandsCabletron Systems ManualsComputer equipmentAccess Server 316
101102103104105106107108109110
User Authentication Configuration Problems
8-8
Verify the Access Server and Security Configuration
Procedure
If the access server is not able to communicate over the network with a Kerberos security
server, verify with the security system administrator that the access server is registered
with all security servers within the same security realm, if using Kerberos, and that each
realm has one master security server that contains a write-enabled database.
For RADIUS and SecurID security servers, verify with the security system administrator
that a shared secret is correctly configured on the access server and security server, and
that the access servers IP address is registered on the security server.
If the problem persists, verify the following:
You entered the correct Internet address and subnet mask. See the section Ve r if y
Internet Address (page 3-2).
If the security server is not on the access server's subnet, there is an Internet gateway
to the security server. See the section Verify Internet Host Name (page 3-3).
If Internet hosts are not explicitly configured on the access server, the DNS parameters
are set correctly. See the section Verify Domain Name System (DNS) Parameters (page
3-3).
If all attempts to access to the server using a valid username and password pair are
rejected, the security system administrator can check the logs on each authentication
host for information about the rejection.
To verify the Internet address, gateway, and DNS parameters, use the SHOW INTERNET
commands. For the correct syntax for these commands, refer to the Network Access
Software Commands Reference Guide.
To change the Internet address, gateway, and DNS parameters, use the CHANGE
INTERNET commands. For the correct syntax for these commands, refer to the Network
Access Software Management Guide.
To verify realm parameters, use the SHOW SECURITY command. Unless you are using
the default realm, type username@ realmname at the USERNAME prompt. Passwords are
case sensitive. For the correct syntax of these commands, refer to the Network Access
Software Commands Reference Guide.