[Top] [Prev] [Next] [Bottom]
Using the CRYPTOCard to Authenticate
This document covers the steps for a user to authenticate once you have set up the RADIUS server, GTSecure, and the CRYPTOCard.
Authenticating using HTTP
Authenticating using Telnet
Authenticating using HTTP
Follow these steps to authenticate using an HTTP session to the GTSecure router and a CRYPTOCard:
- 1. Run HTTP to the GTSecure router. For example:
http://router.nxnetworks.com/auth
- 2. Enter your login name and password.
Login: wfkrt
Password:******
- 3. GTSecure sends the name to the RADIUS server. The server sends back a challenge, which GTSecure displays.
Challenge: 123456
Enter Response:
- 4. Turn on the CRYPTOCard and enter your PIN (Personal Identification Number). If the card is set up for
Reduced-entry mode, press Ent.
Challenge-response mode, key in the challenge and then press Ent.
- 5. The CRYPTOCard displays a response to the challenge. Enter the response into the GTSecure HTTP session.
Enter Response: b24-f608
- 6. GTSecure sends the response to the RADIUS server. If the server accepts the response, it sends an acknowledgment to GTSecure.
- 7. GTSecure displays a Web page that says "Authentication Successful," and GTSecure installs all IP filter profiles set up for you.
- 8. You can now access the services you selected.
You can optionally program a URL for each user as the page for GTSecure to display when the user successfully authenticates. To do so, add a URL to the Reply-Message field in the RADIUS server database. (In older RADIUS servers, this field was called Port-Message.)
Authenticating using Telnet
Follow these steps to authenticate using a Telnet session to the GTSecure router and a CRYPTOCard:
- 1. Run Telnet to GTSecure.
- 2. Enter your login name and when GTSecure requests a password, press Enter.
Login: wfkrt
Password:Enter
- 3. GTSecure sends the name to the RADIUS server. The server sends back a challenge, which GTSecure displays.
Challenge: 123456
Enter Response:
- 4. Turn on the CRYPTOCard and enter your PIN. If the card is set up for
Reduced-entry mode, press Ent.
Challenge-response mode, key in the challenge and then press Ent.
- 5. The CRYPTOCard displays a response to the challenge. Enter the response into the GTSecure Telnet session.
Enter Response: b24-f608
- 6. GTSecure sends the response to the RADIUS server. If the server accepts the response, it sends an acknowledgment to GTSecure. The acknowledgment includes either a user service type or a list of IP filter profiles that are set up for you.
- 7. If the acknowledgment included a user server type, you are logged directly into the router with the user service type (administrative or monitoring) specified for your user ID. You can begin your router session.
- 8. If the acknowledgment included a list of IP filter profiles, GTSecure displays the IP filter profiles.
Enter the number(s) of the profiles that you want to activate.
[1] Email
[2] FTPtoServer1
[3] AccessPC
Enter profiles to activate (comma/space separated, default=1): 1, 2
- 9. GTSecure installs the profiles and closes the Telnet session. You can now access the services you selected.
[Top] [Prev] [Next] [Bottom]
Copyright © 2001, Nx Networks, Inc. All rights
reserved.