RSA Security Video Gaming Accessories LRS1 User Guide

RSA SecurID Ready Implementation Guide  
SecurID Ready Implementation Guide  
Last Modified 12/20/99  
1. Partner Information  
Partner Name  
Web Site  
Product Name  
Version & Platform  
Product Description  
Lantronix  
LRS1, LRS2, LRS16, LRS32F  
Lantronix's LRS line of Remote Access Servers provide  
secure access for Dial-in, Dial-out, LAN-to-LAN,  
Console Server and ISP connections. An ideal choice  
for secure connectivity, all LRS models support PPP  
(PAP/CHAP), SLIP/CSLIP, SecurID, Radius, Kerberos,  
Unix, NetWare and local users database for  
authentication on both inbound and outbound  
connections. All LRS products support dial-back,  
Network Address Translation (NAT), routing of TCP/IP,  
IPX, and AppleTalk protocols is supported using RIP  
and static routes.  
Product Category  
Remote access server  
1
 
RSA SecurID Ready Implementation Guide  
4. Product Specifications  
ROUTING PROTOCOLS  
TCP/IP (RIP and Static Routing)  
IPX (RIP/SAP and Static Route)  
SERIAL INTERFACES  
LRS1  
- 1 RS232 DB25 (DTE) male connector 115 Kbps  
LRS2  
- 2 RS232 DB25 (DTE) male connectors & 1 RS423 (RS232C  
compatible) RJ45 interface 115Kbps  
LRS16  
- 16 RJ45 (RS232C / RS423) serial ports support up to 115Kbps  
LRS32F  
- 32 RJ45 (RS232C / RS423) serial ports support up to 230Kbps  
All supporting full modem control, V.90, ISDN modems and  
asynchronous CSU/DSUs.  
ETHERNET INTERFACES  
LRS1  
- RJ45 (10BASE-T)  
LRS2, LRS16  
- AUI, RJ45 (10BASE-T), BNC (10BASE2)  
LRS32F  
- 10/100 (BASE-T), AUI, BNC (10BASE2)  
MODEM SHARING  
IP hosts  
IPX hosts  
Free Lantronix Comm Port Redirector Software Supporting:  
Windows 95/98, Windows NT, Windows 3.11, DOS. Supports 16-  
and 32-bit applications  
Dial-on-Demand Routing  
Link Management Features  
IPX Protocol Spoofing  
Link Timeout Function  
Packet Filtering  
REMOTE ROUTING  
FUNCTIONALITY  
Support for all PPP-based Client Software including Windows  
95/98 & Windows NT DUN  
REMOTE NODE  
FUNCTIONALITY  
PRINT & TERMINAL  
SERVER FUNCTIONALITY  
IPX (Novell NetWare) TCP/IP (Unix)  
3
 
RSA SecurID Ready Implementation Guide  
5. Product’s ACE/Agent configuration  
The LRS supports the ACE/Server security system manufactured by RSA Security Inc.  
ACE/Server is a system of client-server software and accompanying token cards.  
Note: Refer to your RSA Security documentation for ACE/Server  
installation instructions.  
The SecurID card generates single-use, unpredictable numerical codes. These  
"tokencodes," together with the user's PIN, form the basis of the SecurID authentication.  
The PIN and generated tokencode are referred to collectively as SecurID PASSCODES.  
To gain access to a network protected by SecurID, both elements of the PASSCODE  
must be entered correctly.  
The RSA Security SecurID system requires certain communication between the  
ACE/Server and the end-user. For example, the user must enter a new PIN when a  
SecurID card is first used, and a second PASSCODE when locked out.  
PAP does not allow for these types of messages or additional user input. Therefore, it is  
strongly recommended that SecurID be run from character mode only. It is possible to  
use SecurID with PAP, provided that situations like those mentioned above are either  
prevented or handled in text mode on the next call.  
To log into the LRS, the user must enter a username at the username prompt, and the  
PASSCODE at the password prompt.  
To specify the SecurID ACE/Server for authentication of username/ PASSCODE, use  
Figure: Configuring the LRS to Use SecurID  
Local>> DEFINE AUTHENTICATION SECURID PRECEDENCE 1  
Local>> DEFINE AUTHENTICATION SECURID PRIMARY 192.0.1.50  
Local>> DEFINE AUTHENTICATION SECURID SECONDARY 192.0.1.51  
After SecurID is configured on the LRS, the LRS will receive further configuration  
information from the ACE/Server. However, this only happens the first time that the LRS  
and ACE/Server communicate. If you purge the authentication information on the LRS  
or change the precedence of SecurID, this learned information will be lost. You will need  
to have your ACE/Server administrator reinitialize the LRS with ACE/Server for SecurID  
to function properly again.  
If SecurID receives repeated authentication requests for an invalid username/password  
pair, it assumes that a login attack is taking place. SecurID will react by continually  
slowing its responses to the LRS. This problem can be avoided by ensuring that  
SecurID has the highest precedence number. For example, if you're using SecurID,  
Kerberos, and a UNIX password file, set SecurID's precedence to 3.  
4
 
RSA SecurID Ready Implementation Guide  
Set/Define Authentication SecurID  
Specifies that a Security Dynamics ACE/SecurID server will be used for authentication.  
Restrictions  
You must be the privileged user to use this command.  
Parameters  
Primary  
Specifies the first database or server to be checked. A specific address may be  
set with the address parameter, or the None parameter may be used to indicate  
that the database or file will not be used.  
Secondary  
If the LRS fails to authenticate the user using the primary database or server  
(due to network failure, server failure, missing or incorrect username/password),  
the secondary database or server will be checked. A specific address may be set  
with the address parameter, or the None parameter may be used to indicate that  
the server will not be used.  
If the user cannot be authenticated using the secondary database or server, the  
database or server with the next precedence level will be checked. If all  
precedence levels fail to authenticate the user, the user is prevented from  
logging in.  
address  
A text host name (if a DNS is available for name resolution) or an IP address in  
standard numeric format (for example, 193.23.71.49).  
None  
Clears the current server address.  
5
 
RSA SecurID Ready Implementation Guide  
Precedence  
Set the precedence in which this database or server is checked. The precedence  
number must be specified using the prec_num parameter.  
prec_num  
A precedence number between 1 and 6.  
Encryption  
SecurID (SID) or DES encryption will be used for authentication.  
SID  
Enables use of SecurID encryption.  
DES  
Enables use of DES encryption.  
Maxtries  
Specifies the maximum number of times the LRS will attempt to contact the  
SecurID server. Must be used in conjunction with the tries parameter.  
tries  
An integer between 1 and 255, inclusive.  
Port  
Specifies the UDP/IP Port number used to communicate with the primary and  
secondary SecurID servers. Must be used in conjunction with the PortNum  
parameter.  
PortNum  
An integer between 1 and 65535.  
Timeout  
Specifies the timeout period for a response from the SecurID server.Must be  
used in conjunction with the seconds parameter.  
seconds  
An integer between 1 and 255, inclusive.  
Defaults  
Encryption: DES.  
MaxTries: 5.  
UDP/IP port: 755  
Timeout: 3 seconds.  
Examples  
Local>> DEFINE AUTHENTICATION SECURID PRIMARY 192.0.1.55  
Local>> DEFINE AUTHENTICATION SECURID TIMEOUT 10 MAXTRIES 4  
Local>> DEFINE AUTHENTICATION SECURID ACCOUNTING ENABLED  
6
 
RSA SecurID Ready Implementation Guide  
6. Certification Checklist  
Indicate here the tests that were run to ensure the product is SecurID Ready::  
Test  
Pass  
Fail  
1st time auth. (node secret creation)  
X
New PIN mode:  
System-generated  
Non-PINPAD token  
PINPAD token  
X
X
User-defined (4-8 alphanumeric)  
Non-PINPAD token  
Password  
X
X
User-defined (5-7 numeric)  
Non-PINPAD token  
PINPAD token  
SoftID token  
Deny Alphanumeric  
User-selectable  
X
X
X
X
Non-PINPAD token  
PINPAD token  
X
X
Next Tokencode mode  
Non-PINPAD token  
PINPAD token  
X
X
X
X
Slave ACE/Server  
No ACE/Server  
X=Pass  
7. Known Problems  
None  
7
 

Quantum Cell Phone ST00531 User Guide
Radio Shack MP3 Player 12 1636 User Guide
RCA Projection Television HD52W56 User Guide
RCA Stereo System fm radio tuner User Guide
Renesas Computer Hardware SH7124 User Guide
Roland Musical Instrument Piano User Guide
Rolls Stereo Equalizer RPQ160 User Guide
Samsung Satellite TV System MF68 00271A User Guide
Sears Smoker 20070211 User Guide
Seiko Group Watch 9T82A User Guide