This page shows a flow chart
describing how to set up the SafeDial+ to operate in a RAS server.
This example assumes that you are using a SafePort rack or an Optiva.
Hover the mouse button or click on any of the boxes for more information.
RAS
Servers
SafeDial+ can be used with Windows 2000 Server RAS and Windows NT
Server RAS. Window 2000 Professional has limited RAS capability which
just allows you to specify an "Incoming connection" on
a single modem - this functionality is not discussed in this document.
Follow the link for details on configuring Kasten Chase Optiva.
Modem Install
There are two different methods for installing the modems under
Windows 2000 and Windows NT. The basic concept to understand here
is that the SafeDial+ must be configured with three pieces of information
before it can accept an incoming call;
1. Logon to the SafeDial+ with your password.
2. Set the time and date on the SafeDial+ - this is an important
issue; the SafeDial+ has no on board clock so the correct time and
date must be entered every time you use it. The SafeDial+ will compare
the validity date of the CA and Certificate
3. Set the mode - encrypt, clear or auto (UKG SafeDial+ can only
operate in encrypt mode).
Both methods allow you to send this information to the SafeDial+
but they do it in slightly different ways.
MDMSD.inf
Go through the add modem wizard - select the have disk option and
browse to the folder location containing the MDMSD.inf file. When
using this method you need to use the modem initialisation string
as discussed above:
This is the preferred method - the main benefit of using this method
is that if you need to change the password or date in the string
you can do so easily.
SDSECURE.inf
Go through the add modem wizard - select the have disk option and
browse to the folder location containing the sdsecure.inf file. The
difference here is that rather than supplying the logon string, time
and date etc. via an initialisation string this information is actually
contained in the .inf file itself and is added at installation time.
This method can be useful if you have a lot of SafeDial+s to install
at once and they all have the same details (e.g. same password, same
key material validity date etc.). However, it can be problematic
- if you need to change any details (e.g. password, date string)
you have to uninstall the SafeDial+, modify the sdsecure.inf file
and then reinstall the SafeDial+. The MDMSD.inf and initialisation
string method is favourable. The parts that need to be modified in
the sdsecure.inf file are:
HKR, Init, 5,, "AT$ubracal<cr>"
HKR, Init, 6,, "AT$mq0001281200Z<cr>"
HKR, Init, 7,, "AT$uc<cr>"
COM Port Expansion
When using a RAS server it is impractical to have multiple physical
COM ports on your server. Instead a COM port expansion device can
be used - this is device which connects to the RAS server over ethernet.
The installation of the driver adds virtual COM ports to the RAS
server, when the RAS server sends information to these COM ports
the driver redirects the commands to the COM port expansion device.
We currently use two devices; the Comtrol RTS Devicemaster 16 and
the Digi Etherlite. They effectively carry out the same procedure
but the wiring on the cable that connects from the RJ45 socket to
the RJ45 socket on the SafePort is different for each product. Consult
vendor documentation for details on setting up the Devicemaster or
Digi Etherlite. Some customers may also be using a product called
the Equinox which is similar but use a PCI card in the PC rather
than connecting over ethernet. Again, the wiring for the RJ45 cable
is different.
Kasten Chase Optiva
We are currently in discussion with Kasten Chase about Optiva operation
with the SafeDial+. More information will be posted as soon as we
have it.
Return to the start page...
|
