Specifications
Managing Access Server Security
23-34
Enabling AUTOLINK Authentication
If you want authenticated logins, you must separately configure the port to
require AUTOLINK AUTHENTICATION. The authentication can be by PPP PAP,
PPP CHAP, or interactively by terminal emulation (which could be a script). The
PC client is required to provide one authentication. SLIP users are treated as if
they are character-cell users.
Once authentication is successful, the protocol identified by AUTOLINK (PPP,
SLIP, or local login) starts.
Example: Enabling AUTOLINK Authentication
The following example shows how to enable AUTOLINK authentication:
Local> DEFINE PORT AUTOLINK AUTHENTICATION ENABLE
The SHOW PORT CHARACTERISTICS command shows AUTOLINK
authentication enabled in the ENABLED CHARACTERISTICS section.
Specifying an Authentication Method
The following table describes the authentication method used when you enable
AUTOLINK AUTHENTICATION and specify an LCP authentication method,
and an interactive authentication was not already performed prior to LCP
negotiation.
LCP Authentication Results
PAP USERNAME PC clients that connect immediately using PPP will be
authenticated using PPP PAP authentication. This setting is
required when you use Kerberos or SecurID authentication.
For Kerberos authentication, you must set the Kerberos
realm default ACCESS to NONE.
For other forms of authentication, such as RADIUS, CHAP
USERNAME may be used.
If you user the PAP NOUSERNAME options with the PORT
LCP AUTHENTICATION command, the login fails.