Digital Networks IG-DRAS0-00 User manual
Remote Access Security Server
Installation Guide
Part Number: IG-DRAS0-00
November 2004
This book describes how to install the Digital Networks Remote Access Security Server software.
www.digitalnetworks.net
Digital Networks makes no representations that the use of its products in the manner described in this publication will not infringe on existing
or future patent rights, nor do the descriptions contained in this publication imply the granting of licenses to make, use, or sell equipment or
software in accordance with the description.
Possession, use, or copying of the software described in this publication is authorized only pursuant to a valid written license from Digital
Networks or an authorized sublicensor.
Copyright © 2004 DNPG, LLC ("Digital Networks"). All rights reserved. Printed in U.S.A.
Digital Networks
20 N. Wentworth Avenue
Londonderry, NH 03053
Web site: http://www.digitalnetworks.net
Digital Networks is the tradename of DNPG, LLC.
Trademarks
The following are third-party trademarks:
Adobe, Acrobat, and Acrobat Exchange are trademarks of Adobe Systems Incorporated.
3Com is a registered trademark of 3Com Corporation.
Cisco is a trademark of Cisco Systems, Inc.
HP is a registered trademark of Hewlett-Packard Corporation.
OpenView is trademark of International Business Machines Corporation.
TME 10 is a registered trademark of Tivoli Systems, Inc.
Windows NT and Internet Explorer are trademarks and Microsoft; Windows, Windows 95, and MS-DOS are registered trademarks of
Microsoft Corporation.
Novell and NetWare are registered trademarks and NMS are trademarks of Novell, Inc.
Unicenter is a registered trademark and TNG is a trademark of Computer Associates International, Inc.
Pentium is a registered trademark of Intel Corporation.
Netscape is a registered trademark of Netscape Communications Corporation
Java is a trademark or registered trademark of Sun Microsystems, Inc.
VAX and OpenVMS are trademarks of Compaq Computer Corporation.
All other trademarks and registered trademarks are the property of their respective holders.
5
Contents
Preface
Intended Audience ...............................................................................................................v
Structure of This Guide........................................................................................................v
Conventions ........................................................................................................................vi
Accessing Online Information ......................................................................................... viii
Chapter 1 Installation
Overview.......................................................................................................................... 1-1
In This Chapter ......................................................................................................... 1-1
Software Components............................................................................................... 1-1
Release Notes ........................................................................................................... 1-1
Microsoft Windows NT and Windows 9x, 2000 Installation .......................................... 1-2
Preparing for Installation .......................................................................................... 1-2
Special Note About DHCP Clients........................................................................... 1-2
Installing the Software.............................................................................................. 1-3
Installing DRAS as an NT Service ........................................................................... 1-3
Starting the DRAS Server......................................................................................... 1-4
Starting the DRAS Manager..................................................................................... 1-4
Environment Variables ............................................................................................. 1-4
Using HOST Authentication on Windows NT Domain Controllers ........................ 1-5
Running DRAS in Console Trace Mode on Windows NT....................................... 1-5
Running the DRAS Server in Debug Trace Mode ................................................... 1-6
Files Installed on Windows NT Systems.................................................................. 1-6
Files Installed on Windows 9x, 2000 Systems ......................................................... 1-8
Deinstallation............................................................................................................ 1-9
OpenVMS Installation ................................................................................................... 1-10
Before You Install................................................................................................... 1-10
Installing the Software............................................................................................ 1-10
Logicals .................................................................................................................. 1-11
Starting the DRAS Server....................................................................................... 1-11
Running the DRAS Server in Debug Trace Mode ................................................. 1-11
Files Installed.......................................................................................................... 1-12
Tru64 UNIX Installation................................................................................................ 1-14
Introduction ............................................................................................................ 1-14
Installing the Software............................................................................................ 1-14
Environment Variables ........................................................................................... 1-15
Starting the DRAS Server as a Console ................................................................. 1-16
Starting the DRAS Server as a Daemon ................................................................. 1-16
Contents
6
Running the DRAS Server in Debug Trace Mode.................................................. 1-16
Stopping the DRAS Server ..................................................................................... 1-17
Files Installed.......................................................................................................... 1-17
Deinstallation .......................................................................................................... 1-19
Postinstallation ............................................................................................................... 1-19
Introduction............................................................................................................. 1-19
Configuring Access Server Units ........................................................................... 1-20
Registering Access Server Clients .......................................................................... 1-21
Troubleshooting Management Connection Failures............................................... 1-21
Appendix A DRAS Server Initialization File
Overview......................................................................................................................... A-1
In This Appendix ..................................................................................................... A-1
Initialization File Description ......................................................................................... A-1
File Names ............................................................................................................... A-1
Initialization File Example....................................................................................... A-2
[Storage] Section............................................................................................................. A-3
Description............................................................................................................... A-3
Entry Descriptions ................................................................................................... A-3
[Server] Section............................................................................................................... A-4
Description............................................................................................................... A-4
Entry Descriptions ................................................................................................... A-4
[Policy] Section............................................................................................................... A-5
Description............................................................................................................... A-5
Entry Descriptions ................................................................................................... A-5
[Ports] Section.................................................................................................................A-6
Description............................................................................................................... A-6
Entry Descriptions ................................................................................................... A-7
1
Preface
This guide explains how to install the Digital Networks Remote Access Security Server
(DRAS) software for the following operating systems:
• Microsoft Windows NT
• Microsoft Windows 9x, 2000 (management utility only)
•OpenVMS
• Tru64 UNIX
Intended Audience
This guide is written for system or network administrators responsible for managing
remote access network devices and remote access network connections.
Structure of This Guide
This guide is organized as follows:
Chapter/
Appendix Title Description
Chapter 1 Installation Provides instructions for installing the Digital Networks Remote
Access Security Server software on systems that run Microsoft
Windows NT, Microsoft Windows 9x, 2000, OpenVMS, or Tru64
UNIX operating systems.
Appendix A DRAS Server
Initialization File
Describes the [Storage], [Server], [Policy], and [Ports] sections of
the DRAS Server initialization file.
Preface
2
Conventions
This document uses the following symbol:
The following typographical conventions are used:
Convention Description
italics Italic text in commands indicates variables for which you must supply a
value.
monospace Monospaced text in command examples indicates system output.
boldface Boldface text in command examples indicates commands that you enter.
Note symbol. Calls the reader’s attention to any item of information that may be of
special importance.
NOTES
3
Preface
Related Documentation
All documentation is located on our web site, see accessing online information.
All documentation also resides on CD (CD-DNAS0-00).
Part Number Title Description
IG-DSC04-00 DECserver ConX4and ConX4P
Installation and User’s Guide
Describes how to install, cable and use
the ConX4and ConX4P
.
IG-DSRVW-00 DECserver 716 and 732
Installation and User’s Guide
Describes how to install, cable and use
the DECserver 716 and DECserver
732.
QS-DSRVW-00 DECserver 716 and 732 Quick
Start Card
Describes how to install, cable and use
the DECserver 716 and DECserver
732.
IG-DCSRV-00 DECserver 90M+ Installation
& Users Guide
Describes how to install, cable and use
the DECserver 90M+.
IG-DSRVZ-00 DECserver 900TM Installation
& Users Guide
Describes how to install, cable and use
the DECserver 900TM.
MG-DNAS0-00 Network Access Software
Management Guide
Provides instructions on how to
manage the Network Access Software.
CG-DNAS0-00 Network Access Software
Command Reference Guide
Lists commands used with the
Network Access Server.
PG-DNAS0-00 Network Access Software
Problem Solving Guide
Describes how to troubleshoot
problems while using the Network
Access Software.
IG-DNAS0-00 Network Access Software
Installation Guide
Provides how to install the Network
Access Software.
RN-DNAS0-00 Network Access Software
Release Notes
Documents any release consideration,
restrictions, and conditions for the
Network Access Software.
IG-DRAS0-00 Remote Access Security Server
Installation Guide
Provides instructions on how to install
the Remote Access Security Server.
MG-DRAS0-00 Remote Access Security Server
Management Guide
Provides instructions on how to
manage the Remote Access Security
Server.
Preface
4
Accessing Online Information
Documentation Comments
Digital Networks prides itself on responding to customer needs. To continue serving you, we need
your comments. If you find errors in a document or want to make comments, please E-mail your
comments to:
Support Services
To locate product-specific information and warranty information, refer to the following Digital
Networks web sites:
www.digitalnetworks.net
To contact us by mail:
Digital Networks
20 N. Wentworth Avenue
Londonderry, NH 03053
To contact us by phone:
U.S. and Canada (603) 216-6000
Europe +44 (0) 1256-855-600
1-1
Chapter 1
Installation
Overview
In This Chapter
This chapter provides instructions about installing the Digital Networks Remote Access
Security (DRAS) software on systems that run Microsoft Windows NT or Windows 9x,
2000 operating systems.
Software Components
The following table lists the software components that the DRAS installation procedure
installs:
Release Notes
Each installation kit contains release notes. The release notes contain additional technical
information that is not currently in the documentation. Please read the release notes before
you install the DRAS software.
For This Operating System: The Procedure Installs:
Microsoft Windows NT DRAS Server software and the DRAS Manager (the
management utility)
Microsoft Windows 9x, 2000 DRAS Manager (the mangement utility)
OpenVMS DRAS Server software and the unsupported command
line manager utility
Tru64 UNIX DRAS Server software
Installation
1-2
Microsoft Windows NT and Windows 9x, 2000 Installation
Preparing for Installation
The following table lists the prerequisites for installing the DRAS software on a Microsoft
Windows NT or Windows 9x, 2000 system:
Special Note About DHCP Clients
Do not install the DRAS Server software on a Windows NT system that is a DHCP
(Dynamic Host Configuration Protocol) client. A DHCP server can assign a different IP
address to the DHCP client each time the client requests an IP address. This can cause
problems with accessing the DRAS Server.
For This: You Need This for
the DRAS Server:
And This for
the DRAS Manager:
Operating system Windows NT Version 3.51, 4.0,
or higher
Either of the following:
• Windows NT Version 3.51,
4.0, or higher
• Windows 9x, 2000
Memory 32 MB 32 MB
Disk space for files Database files can vary
depending on activity. See the
Release Notes or
README.TXT file for details.
Database files and user cache size
can vary depending on activity.
See the Release Notes or
README.TXT file for details.
System setup TCP/IP stack installed and
running.
TCP/IP stack installed and
running.
1-3
Installation
Installing the Software
To install the software, do the following:
Installing DRAS as an NT Service
After installing the DRAS software, install DRAS as an NT service. Use the following
command in the NT console window:
c:\> Drassrv install
Step Action
1Insert the DRAS installation CD into your CD-ROM drive and run the appropriate
SETUP.EXE file using the Program Manager or the Start menu:
• If installing on a Windows NT or Windows 9x, 2000 Intel system, run
\DRAS\WINNT\I386\SETUP.EXE.
• If installing on a Windows NT Alpha system, run
\DRAS\WINNT\ALPHA\SETUP.EXE.
Example: Use the following path to install the DRAS software on a Windows NT
Intel system in which drive D is the CD-ROM drive.
D:\DRAS\WINNT\I386\SETUP.EXE
If this is a new installation or if you want to install DRAS into a
different directory, reboot your system before proceeding.
2To initialize your DRAS Server’s database, go to the DRAS installation directory
and run the setupDb command line utility from a console window.
Enter your management station’s Internet address and its secret when prompted.
The installation procedure creates a database that contains:
• An administration group object named Admin.
• A users group object named Users.
• An administrator user object. The procedure prompts you to enter a user name
and password.
• A client object for a management station.
• Authentication objects for the standard authentication methods.
Installation
1-4
Starting the DRAS Server
After you install the DRAS Server as an NT service, do the following to start a DRAS
Server at any time:
Modifying Startup Parameters
When you install DRAS as an NT service, the startup type is set to manual. Use the
Services application to modify the DRAS startup parameters if you want DRAS to start
automatically each time the system boots.
Starting the DRAS Manager
To start the DRAS Manager, click on the DRAS Manager icon in your DRAS program
group. Refer to the Remote Access Security Server Management Guide for details about
using the DRAS Manager or see the DRAS Manager’s online help.
Environment Variables
The installation procedure defines the following environment variables:
Step Action
1Open the Control Panel.
2Run the Services application.
3Select Remote Access Security from the displayed list.
4Click Start to start the DRAS service.
Variable Description
DRAS_DIR Defines the full path where the DRAS Server stores its database files.
Default Path: \DRAS
DRAS_CALLOUT Defines the full path where the DRAS callout DLL files reside.
Default Path: \DRAS
1-5
Installation
Using HOST Authentication on Windows NT Domain Controllers
If you install the DRAS Server on a Windows NT server that is a primary domain
controller, you must change the account of any local user that is authenticated by HOST
authentication:
See the Remote Access Security Server Management Guide for more information about
HOST authentication.
Running DRAS in Console Trace Mode on Windows NT
To perform host authentication on Windows NT while running in interactive trace mode,
you must use an account with the privilege to act as part of the operating system:
Step Action
1From the Programs menu, select Administrative Tools and then User Manager.
2Click User and then New Local Group... from the menu.
3Create a new group named “DRAS Users”.
4Click Policies and then User Rights from the menu.
5Select “Log on locally” from the drop-down list box.
6Add the right to the DRAS Users group.
7Select the user accounts from which you will interactively run the DRAS Server
and add them as members of the DRAS Users group.
Step Action
1From the Programs menu, select Administrative Tools and then User Manager.
2Click User and then New Local Group... from the menu.
3Create a new group named “DRAS Server”.
4Click Polices and then User Rights from the menu.
5Check the Show Advanced User Rights check box.
6Select “Act as part of the operating system” from the drop-down list box.
7Add the right to the DRAS Server group.
Installation
1-6
Running the DRAS Server in Debug Trace Mode
You can run the DRAS Server from the console in debug trace mode. The trace often
provides sufficient information to solve authentication and remote management
connection problems. You can also verify that the server is able to start and initialize. To
run trace mode:
You can view more detailed trace information using a trace level of 6, 7, or 998.
Files Installed on Windows NT Systems
The following table lists the files that the installation procedure installs:
8Select the user accounts from which you will interactively run the DRAS Server
and add them as members of the DRAS Server group.
9Log out and then log on to enable the new privileges.
Step Action
1Stop the server if it is running as a service.
2Make sure the environment variable DRAS_DIR points to the location of the
DRAS database files.
3Go to the DRAS installation directory.
4Start the server using the following command:
> drassrv console 5
File Name Description
Files in \DRAS
README.TXT Release Notes
DRASSRV.EXE DRAS Server executable
DRASMAN.EXE DRAS Manager executable
DRASMAN.HLP DRAS Manager online help
DRASRC.DLL DRAS Manager Windows resources
Step Action
1-7
Installation
DRASCOAR.DLL Accounting database interface
DRASCOUR.DLL User and server database interface
DRASCOSP.DLL Static password authentication module
DRASCOWW.DLL WatchWord authentication module
DRASCOCH.DLL CHAP authentication module
DRASCODS.DLL Defender authentication module
DRASCOHP.DLL Host password authentication module
DRASCOSD.DLL SecurID authentication module
DRASCOSK.DLL OTP authentication module
SETUPDB.EXE SetupDb utility
DRAS.INI Initialization file
Files in %SystemRoot%\System32
ADVAPI32.DLL API for NT system services
GRID32.OCX Access Hour grid control
MFC40.DLL Microsoft Foundation Class library,
Version 4.0
MFC42.DLL Microsoft Foundation Class library,
Version 4.2
MSVCRT.DLL Microsoft Visual C++ Run Time library
MSVCIRT.DLL Microsoft Visual C++ library
OLEPRO32.DLL Specific OLE grid control
REGSVR32.EXE Creates entries in the Windows
Registration Database
File Name Description
Installation
1-8
Files Installed on Windows 9x, 2000 Systems
The following table lists the files that the installation procedure installs:
File Name Description
Files in \DRAS
README.TXT Release Notes
DRASMAN.EXE DRAS Manager executable
DRASMAN.HLP DRAS Manager online help
DRASRC.DLL DRAS Manager Windows resources
DRASCOAR.DLL Accounting database interface
DRASCOUR.DLL User and server database interface
DRASCOSP.DLL Static password authentication module
DRASCOWW.DLL WatchWord authentication module
DRASCOCH.DLL CHAP authentication module
DRASCODS.DLL Defender authentication module
DRASCOHP.DLL Host password authentication module
DRASCOSD.DLL SecurID authentication module
DRASCOSK.DLL OTP authentication module
SETUPDB.EXE SetupDb utility
DRAS.INI Initialization file
Files in
%SystemRoot%\System32
ADVAPI32.DLL API for NT system services
GRID32.OCX Access Hour grid control
MFC40.DLL Microsoft Foundation Class library, Version 4.0
MFC42.DLL Microsoft Foundation Class library, Version 4.2
MSVCRT.DLL Microsoft Visual C++ Run Time library
MSVCIRT.DLL Microsoft Visual C++ library
OLEPRO32.DLL Specific OLE grid control
REGSVR32.EXE Creates entries in the Windows Registration Database
1-9
Installation
Deinstallation
To remove the DRAS software, do the following:
Step Action
1Bring up the Control Panel.
2Click Add/Remove Programs.
3Click Digital Networks Remote Access Security Server from the list of programs.
4Click the Add/Remove... button to remove the software.
Installation
1-10
OpenVMS Installation
Before You Install
The following table lists the prerequisites required for installing the DRAS software on an
OpenVMS system:
Management
To manage the DRAS server on an OpenVMS system, install the DRAS Manager on a
Windows NT or Windows 9x, 2000 system.
Installing the Software
To install the DRAS software on an OpenVMS system, do the following:
For This: You Need This
on VAX Systems:
And This
on Alpha Systems:
Operating System OpenVMS 6.2 or higher OpenVMS 6.2 or higher
Minimum disk space 1000 blocks 1700 blocks
Step Action
1Log in to the SYSTEM account.
2Insert the CD into your CD-ROM drive and mount it using the following
command:
$ MOUNT ddcu: DNAS0nn /MEDIA=CD
The ddcu: variable is the CD-ROM drive. When you mount the CD-ROM drive,
you can access the [DRAS.OPENVMS] directory that contains the DRAS kit for
OpenVMS.
3If you previously installed the DRAS software, terminate any active DRAS
servers. Enter the following:
$ @SYS$MANAGER:DRAS$SHUTDOWN
4Run the VMSINSTAL procedure:
$ @SYS$UPDATE:VMSINSTAL DRAS0nn ddcu: OPTIONS N
where nn is the current version number
5Follow the instructions that the DRAS installation procedure provides.
1-11
Installation
Initial Database
During installation, the procedure prompts you to enter information it needs to create the
initial DRAS server database. The installation procedure populates the database with:
• An administration group object (default name is ADMIN).
• A users group object (default name is USERS).
• An administrator user object (default name is SYSTEM). The installation procedure
prompts you to enter a password.
• Authentication objects for the standard authentication methods.
• A client object for a management station.
You can select the default names for these objects or enter different ones during the
installation.
Logicals
The installation procedure defines the following logicals:
Starting the DRAS Server
Type the following at the DCL prompt:
@SYS$STARTUP:DRAS$STARTUP
Running the DRAS Server in Debug Trace Mode
You can run the DRAS server from the console in debug trace mode. The trace often
provides sufficient information to solve authentication and remote management
connection problems. You can also verify that the server is able to start and initialize.
Logical Description
DRAS$DIR DRAS$DIR Defines the full path where the DRAS server stores its database
files.
Default Path: SYS$COMMON:[SYSEXE]
DRAS$COxx DRAS$COxx Defines the full path where the DRAS callout images reside.
Default Path: SYS$COMMON:[SYSLIB]
Installation
1-12
To run trace mode:
You can view more detailed trace information using a trace level of 6, 7, or 998.
Files Installed
The OpenVMS installation kit contains executable images for OpenVMS Alpha and
OpenVMS VAX systems. During installation, the procedure installs the correct files for
the system on which you are installing the software.
The following table lists the files that the installation procedure installs:
Step Action
1Stop the server if it is running as a detached process.
2Make sure the logical name DRAS$DIR resolves to the location of the server
database files.
3Define DRAS$TRACE_LEVEL as 5.
4Start the server using the following command:
> $ MCR DRAS$SERVER
File Name Description
Files in DRAS$DIR
DRAS$CONFIG.INI Initialization file
Files in SYS$COMMON:[SYSMGR]
DRAS$SYSTARTUP.COM DRAS$SYSTARTUP.COM Secondary
startup command procedure
DRAS$REGISTER_COS.COM DRAS$REGISTER_COS.COM
Authentication method registration
procedure
DRAS$RUN.COM DRAS$RUN.COM Secondary startup
command procedure
DRAS$SHUTDOWN.COM DRAS$SHUTDOWN.COM DRAS server
shutdown command procedure
Files in SYS$COMMON:[SYSHLP]
DRAS0nn.RELEASE_NOTES Release Notes
Table of contents
Other Digital Networks Server manuals
