1. Click the node at the navigation tree of “virtual gateway list”, then clicking the “configure of certification authority”, choosing the tab of the “server configure of certification authority”, enter the page of configure.
2. Configuring the information of SecurID server at the title bar of “server configure of certification authority>> SecurID server”.
3. Import the IP address of master SecurID server at “IP address of master server “. Cannot modify the IP address of SecurID server, when the user of SecurID certification authority is logging in to virtual gateway.
4. Import the port of master SecurID server at the “port of master server”. The port number must be in agreement with the open port number of SecurID server. Generally, the port number of SecurID server is 1812 and the part server is 1645.
5. Import the IP address of master SecurID server at the “IP address of standby server”.
6. Import the port of standby SecurID server at the “port of standby server”.
7. Import the no reply overtime of server at the “reply overtime of server”. Retransmission the message when over the “reply overtime of server” and the server does not answer. When the degree of message retransmission is more than the “degree of server retransmission”, there is no reply of the server, and this certification authority does not answer. Then enter in to the certification of next level until the certification is be success or is refused.
8. Import the most degree of overtime retransmission at the “degree of server retransmission”.
9. Chose the group filtering field at the “group filtering field”. The value of group filtering field is as the group name by SVN3000, and then be authorized. The configuration of group filtering field must be agreed with the Class of SecurID server or the configuration of Filter-ID, or else the authorization may not be able to pass. SVN3000 can obtain four Class or Filter-ID attribute to authorize at most and the redundant will be dropped. That is a SecurID subscriber belonging to four SecurID groups at most when it is logging in to virtual gateway.and the redundant groups will be dropped.
10. Import the shared key of SecurID server at the “shared key”. SVN3000 and SecurID server encrypt the the information to be transmitted by use the shared key. The shared key must be agreed with the shared key of SecurID server. Request this key from SecurID server administrators. Import the shared key more than once at the “duplicate shared key”.
11. Click “submission” to configure SecurID server.
12. Add the SecurID group. Click “exterior configuration” at the navigation tree and chose the “SecurID group information management”. Click the “adding” to add the name of exterior group such as “test_” and then click the “adding”.
13. Import user accounts “test_1”。 Need not to import the password.
14. Click the node at the navigation tree of “virtual gateway list”, and configure the authentication and authorization method as SecurID and VPNDB. Then click to give effect to the configuration.
15. The user imports the name of “test_1” at the login interface and the real-time password obtained from the terminal of RSA, so the authentication is passed.