Download   Report
  1. No category

Document 188496

August 3, 2011
Article Version: 1.0
Description:
This article demonstrates how to setup Radius authentication failover between multiple
SafeWord authentication servers. Please note that there are many different ways a radius
server can be configured for failover, however in this case, the built-in SafeWord failover
mechanism will be used.
Steps to reproduce
In this scenario, we are using three different servers, including two independent SafeWord
authentications servers and a radius server. Moreover, the radius server is setup to failover to either
one of the authentication server in case one is unavailable.
Cause:
Failover between SafeWord authentication servers can fail for different reasons that might not be
apparent. In many cases the problem is related to the communication between the authentication
engine (AAA) and the Radius server. These communication problems include but not limited to
following:
1234-
Swec.md5 error, which is related to ssl communication via the SafeWord eaap protocol.
Firewall between the Radius server and the SafeWord authentication server.
Missing authentication server information in the NFuseStrongAuthenticator.cfg file.
Missing authentication engine in the SafeWord RADIUS Server Configuration
Solution:
In this article we will not focus on the on 1 and 2 because there are other articles dealing with these
specific topics, instead, will look into 3 and 4.
August 3, 2011
Article Version: 1.0
To configure SafeWord Radius for failover, please follow the steps below:
1- Open the SafeWord RADIUS Server Configuration page
2- Click on the Authentication engine and list you SafeWord authentication servers by IP address.
Please note the IP needs to be saved to commit the change and click OK.
August 3, 2011
Article Version: 1.0
3- Now, click on Radius client and add your radius client. For example, a Juniper VPN device can be
listed here with the same secret key as the one setup on juniper for radius authentication.
Please note that the client has to have a configuration for the radius server.
August 3, 2011
Article Version: 1.0
4- Finally ensure that both SafeWord authentication servers are listed in the
NFuseStrongAuthenticator.cfg file, located in the SafeWord installation directory (C:\Program
Files\Aladdin\SafeWord\Common) on SafeWord radius server.
Applies to all versions of SafeWord except SafeWord RemoteAccess
Document 235314

Document 235314

12-2 Practice Chords and Arcs

12-2 Practice Chords and Arcs

pi day by Simon Pampena Working out the Area of a Circle Calculating

pi day by Simon Pampena Working out the Area of a Circle Calculating

How to become CJIS  compliant compliant  From planning to implementation

How to become CJIS  compliant compliant  From planning to implementation

Technical Bulletin— How to Radius Decorative Edges May 2013

Technical Bulletin— How to Radius Decorative Edges May 2013

NSD1178 How to set Juniper SSL / VPN remote access... membership from ldap user database

NSD1178 How to set Juniper SSL / VPN remote access... membership from ldap user database

Volumes by Disks and Washers

Volumes by Disks and Washers

H o w

H o w

NSD1325 How to Integrate Citrix Access Gateway 5.x With One... Server  Fact Situation

NSD1325 How to Integrate Citrix Access Gateway 5.x With One... Server  Fact Situation

Document 88691

Document 88691

MESA Day 2012 Mousetrap Car - Distance 6 -8

MESA Day 2012 Mousetrap Car - Distance 6 -8

How To | Introduction Use 802.1x EAP-TLS or PEAP-MS-CHAP v2 with Microsoft

How To | Introduction Use 802.1x EAP-TLS or PEAP-MS-CHAP v2 with Microsoft

How to configure 802.1X authentication on ProCurve switches Contents

How to configure 802.1X authentication on ProCurve switches Contents

How To | Introduction Technical Guide List of terms

How To | Introduction Technical Guide List of terms

abcdocz.com

© Copyright 2024