Enterasys Networks Network Card User Manual
Aurorean™ Virtual Network
Aurorean™ Virtual Network
Aurorean™ Virtual NetworkAurorean™ Virtual Network
RiverMaster
RiverMaster
RiverMaster RiverMaster
Administrator
Administrator’s Guide
AdministratorAdministrator
Version 3.1
Version 3.1
Version 3.1Version 3.1
s Guide
s Guides Guide
©2001 Enterasys Networks. Allrights reserved. This publication contains information that is the property of
Enterasys Networks. No part of this publication may be copied, photocopied, repr oduced, translated, or reduced to
any electronic medium or machine readable form without prior written consent of Enterasys Networks. Information in
this publication is subject to change without notice. Enterasys Networks assumes no responsibility for errors or
omissions in this publication or for the use of this mat erial.
Part Number: AVN-RMAG-R31
Released: March 2001
Printed in the USA.
For more information on Enterasys Networks products, refer to the following table:
U.S. Office
Address 35 I ndustrial Way
Rochester, NH 03866
Phone 1-877-641-7400
Fax (603) 3 37-2211
Internet http://www.enterasys.com
Sales 1-877-641-7400
www.enterasys.com
Support Call the Enterasys GTAC at
1-800-872-8440 or email us at
support@enterasys.com
The Enterasys Networks logo, Aurorean, Prescriptive Diagnostic Engine, RiverM aster, Intelligent Client Routing and
TollSaver, and TurboTunnel are trademarks of Enterasys Networks.
Microsoft, MS, and MS-DOS are registered trademarks and Windows, Windows 95, Windows 98, Windows NT,
Windows 2000 Professional, and Windows Millennium are trademarks of Microsoft Corporation in the USA and other
countries.
Virtual Network Computing is a trademark of AT&T Laboratories C ambridge.
Other trademar ks and trade names used in this publication belong to their respective owners.
Aurorean Virtual Network software includes the following third-party components:
Gate Daemon software. © 1995 The Regents of the University of Michigan. All rights reserved.
Gate Daemon was originated and developed through release 3.0 by Cornell University and its collaborators.
A DES implementation written by Eric Young. © 1995-1997 Eric Young (eay@cryptsoft.com). All rights reserved.
MD4 and MD5 implementation derived from the RSA Data Security, Inc. MD4 Message-Digest Algorithm and
MD5 Message-Digest Algorithm. © 1991-2, RSA Data Security, Inc. Created 1991. All rights reserved.
ccp.c - PPP Compression Control Protocol. © 1994 The Australian National University. All rights reserved.
chap.c - Cryptographic Handshake Authentication Protocol.© 1991 GregoryM. Christy. All rights reserved.
chap_ms.c - Microsoft MS-CHAP compatible implementation. © 1995 Eric Rosenquist, Strata Software Limited
(www.strataware.com). All rights reserved.
fsm.c - {Link, IP} ControlProtocol Finite State Machine. © 1989 Carnegie MellonUniversity.All rights reserved.
Routinesto compressand uncompress TCP packets(fortransmission over low speed seriallines).
© 1989 Regents of the University of California. All rights reserved.
Portions of Aurorean Client Software are copyrighted to ICE Engineering, Inc. and licensed through a GNU public license. For
more information, including access to the source code, visit their Web site at www.ice.com.
ii
RiverMaster Administrator’s Guide
Table of Contents
Table of Contents
Table of ContentsTable of Contents
About Thi s Guide
Contents of the Guide ...........................................................................................................ix
Conventions Used in this Guide..........................................................................................xi
Related Documents................................................................................................................ xi
Chapter 1 – Installing RiverMaster Software
System Requirements..............................................................................................................1
Hardware Requirements..................................................................................................1
Software Requirements....................................................................................................2
Installing the Application.......................................................................................................2
Upgrading a Previous Release........................................................................................2
Installation Steps...............................................................................................................2
Starting the Application for the First Time...................................................................4
Removing RiverMaster Files..................................................................................................9
Chapter 2 – Getting Started with RiverMaster
RiverMaster Overview..........................................................................................................11
Logging into RiverMaster.....................................................................................................13
Checking Server Status .........................................................................................................15
Problem Summary & Users Logged In........................................................................15
Aurorean Network Gateway Statistics........................................................................16
Aurorean Policy Server Statistics.................................................................................17
Setting Up a Aurorean Virtual Network the First Time...................................................21
RiverMaster Administrator’s Guide
iii
Table of Contents
Chapter 3 – Configuring an ANG-3000/7000
Before You Begin ................................................................................................................... 26
Allocating IP/IPX Addresses to Remote Clients.......................................................27
Virtual Subnets for Site-to-Site and Remote Access Tunnel Servers.............. 30
Intelligent Client Routing .............................................................................................31
NAT Server......................................................................................................................33
Site-to-Site Tunnels ........................................................................................................34
AutoLink Recovery........................................................................................................ 35
General Aurorean Network Gateway Settings.................................................................37
Viewing Aurorean Alternate Address Information.........................................................42
Tunnel Protocols.................................................. ...... ............................................................ 43
Virtual Subnetting ................................................................................................................. 50
IP Subnetting .................................................................................................................. 50
iv
IPX Virtual Networks .................................................................................................... 52
Routing ................................................................................................................................... 54
Setting Routing Protocol Parameters.......................................................................... 55
Setting RIP Properties ........................................................................................... 55
Setting OSPF Properties........................................................................................ 57
Routing Interfaces.......................................................................................................... 59
Adding or Removing a Routing Protocol for an Interface............................... 60
Configuring RIP for the Interface........................................................................ 62
Configuring OSPF on an Interface...................................................................... 64
Creating Static Routes........................................................................................... 65
Adding a Remote Server...................................................................................................... 68
Changing Server and Tunnel Properties..................................................................... 71
RiverMaster Administrator’s Guide
Chapter 4 – Setting Up Aurorean Services
Before You Begin....................................................................................................................75
Authorization Plug-in Options.....................................................................................76
RADIUS Authentication Servers.......................................................................... 76
Plug-in Planning..................................................................................................... 77
Threads..................................................................................................................... 77
Private/Public Keys for IPSec Authentication...........................................................78
Problem Notification......................................................................................................78
Trace Levels......................................................................................................................79
Adding an Authorization Plug-In.......................................................................................80
Enterasys Authentication ..............................................................................................81
RADIUS Authorization..................................................................................................83
SecurID Authorization...................................................................................................87
Table of Contents
Generating Private/Public Keys..........................................................................................91
Using the Notification Service to Send E-Mail..................................................................93
Creating a Mailing List...................................................................................................93
Adding an Address to a Mailing List ..........................................................................95
Setting Trace Levels ...............................................................................................................97
Backing Up the Database............................ ...... ..... ................................................... ............98
Chapter 5 – Controlling Remote U s er Dialing & Access
Before You Begin..................................................................................................................101
TollSaver Database........................................................................................................102
Corporate Dial-Up Access...........................................................................................103
Problem Notification....................................................................................................104
Creating POP Packages.......................................................................................................105
Adding Corporate ISPs.......................................................................................................108
RiverMaster Administrator’s Guide
v
Table of Contents
Adding POPs for Corporate ISPs........................................................ ...... ..... ...... ..............114
Chapter 6 – Managing Users & Groups
Before You Begin ................................................................................................................. 120
Group Policies .............................................................................................................. 121
Aurorean Client Installation Kits............................................................................... 122
Client Synchronization................................................................................................124
Group Notices...............................................................................................................127
Creating a New Group.......................................................................................................127
Adding Users to a Group............................................................................................ 134
Modifying User & Group Information.....................................................................137
Removing Users & Groups.........................................................................................138
Creating an Aurorean Client Installation Kit..................................................................139
Controlling Client Synchronization.................................................................................. 145
Viewing Group Policies...............................................................................................146
Building Core Data Files.............................................................................................147
Uploading Software Synchronization Files..............................................................149
Setting Up Group Notices..................................................................................................152
Chapter 7 – Viewing Server Activity & Statistics
Monitoring System Activity .............................................................................................. 157
Current Message Activity...........................................................................................157
Advanced Message Viewer ........................................................................................164
RiverMaster Options ................................................................................................... 170
Viewing Tu nnel Activity .................................................................................................... 173
Using SNMP to Gather Statistics ......................................................................................176
vi
RiverMaster Administrator’s Guide
Chapter 8 – Generating Reports
Report Contents....................................................................................................................177
Server Anomaly Report ...............................................................................................177
Network Gateway Report............................................................................................179
Client Anomaly Report................................................................................................182
Client Report..................................................................................................................183
Accounting Report........................................................................................................187
Downloading, Viewing and Exporting Reports..............................................................190
Printing Reports............................................................................................................193
Exporting Reports.........................................................................................................194
Exporting Reports to a Disk File ........................................................................ 194
Exporting Reports to a Microsoft Exchange Folder......................................... 203
Exporting Reports Using MAPI ......................................................................... 207
Table of Contents
Appendix A – Glossary
Appendix B – ANG-3000/7000 Preconfigu ration Stored on a
Floppy Disk
Adding Remote Gateways..................................................................................................218
Configuring ANG IP Addresses........................................................................................220
Configuring Tunnel Protocols............................................................................................221
Configuring Virtual Subnets..............................................................................................228
Configuring Routing Protocols..........................................................................................230
OSPF Properties.................................... ...... ..... ................................................... ..........232
RiverMaster Administrator’s Guide
vii
Table of Contents
Configuring Routing Interfaces ........................................................................................234
Configuring RIP for the Interface.............................................................................. 236
Configuring OSPF on an Interface ............................................................................ 238
Creating Static Routes................................................................................................. 239
Creating Remote Connections...........................................................................................242
Loading the Floppy Disk.................................................................................................... 247
Chapter 9 – License Agreement & Support
Enterasys Networks License Agreement......................................................................... 249
License Grant................................................................................................................ 249
Warranty........................................................................................................................250
Infringement Indemnification....................................................................................251
Limitation of Liability..................................................................................................251
Index
viii
Termination................................................................................................................... 252
International Provisions.............................................................................................. 252
Applicable Law ............................................................................................................ 252
U. S. Government - Commercial Computer Software............................................253
Technical Support................................................................................................................ 254
Support from Authorized Resellers..........................................................................254
Support from Enterasys Networks............................................................................254
On-line Services ................................................................................................... 254
Phone Support...................................................................................................... 254
RiverMaster Administrator’s Guide
This guide describes how to use Version 3.1 of the RiverMaster management
application to set up and monitor Aurorean Virtual Network systems. While
written primarily to describe how to configure a Aurorean Virtual Network
solution for the first time, this guide also addresses how to track usage and
troubleshoot end-to-end VPN connectivity problems.
The guide is designed for network administrators who are responsible for
installing and mana ging local and wide area networking equipment. Th e
guide assumes you have experience working with LAN devices such as
firewalls, routers, hubs, and file servers.
Contents of the Guide
Information in this guide is arranged as follows:
H Chapter 1, Installing RiverMaster Software provides step-by-step
instructions for installing the R iverMaster application on your
computer and starting the application for the first time.
H Chapter 2, The Guided Tour contains an overview of RiverMaster
operation, describes how to log into RiverMaster and check the status
of your Aurorean Virtual Network servers, and walks you through
the process of setting up an Aurorean Virtual Network for the first
time.
About This Guide
About This Guide
About This GuideAbout This Guide
H Chapter 3, Configuring a Aurorean Network Gatewaydescribes how to
configure network settings, such as IP addresses, name resolution
servers, t unnel p rotoc ols, an d rou ting pr otoco ls, usi ng Riv erMaster or
Aurorean Policy Manager. The chapter describes how to back up the
database on the Aurorean Policy Server and details how to set up
site-to-site tunnels from one Aurorean Network Gateway to another.
It also details how to view and change alternate ANG address data.
H Chapter 4, Setting Up Aurorean VN Services discusses how to: use the
Authorization service to authenticate remote users, prepare the
Notification service to send E-mail in response to Aurorean Virtual
Network alarm, alert, or notification messages, and set trace levels for
system messages.
RiverMaster Administrator’s Guide
ix
About This Guide
H Chapter 5, Controlling Remote User Dialing & Access describes how to
define Aurorean Network Gateway destinations, select ISPs from the
TollSaver database, configure POP packages and add corporate dialup phone numbers.
H Chapter 6, Manag ing Users & Groups addresses how to create a user
database on a Aurorean Policy Server, assign policies that govern
user access to the network, and prepare a customized Aurorean
Client Software installation kit.
H Chapter 7, Viewing Server Activity & Statistics shows you how to
examine and interpret message traffic between Aurorean Virtual
Network devices and monitor the performance of active tunnel
connections. Standard SNMP MIB-II and two private MIBs are now
available to monitor your Aurorean systems.
H Chapter 8, Generating Reports describes how to download and view
customize d reports th at re veal Aurorean Virtual Network server
performance and remote user activity.
H Appendix A, Glossary contains definitions for terms used throughout
this guide.
H Appendix B, Configuring the ANG with a Floppy Disk, describes a
procedure similar to the steps you would take to configure the ANG
by using the RiverMaster application. But this method allo ws an
administrator to centrally set up one or more gateways and distribute
that information on floppy disks to remote sites.
H Appendix C, License Agreement & Support describes the agreement that
governs the use and distribution of RiverMaster software and
provides information for contacting Enterasys Networks for technical
support.
x
RiverMaster Administrator’s Guide
Conventions Used in this Guide
The following conventions are used in this guide:
About This Guide
NOTE Notes supply additional helpful information,
CAUTION Cautions contain directions that can prevent you
WARNING Warnings provide directions that you must
Bold Text in boldface indicates values you type using
Italics T ext in italics indicates a variable, important new
SMALL CAPS Text in small caps specifies keys to press on the
Courier font Text in this font denotes a file name or directory.
Related Documents
The following publications are also supplied with Aurorean VN systems:
point you to where you can find more
information, or emphasize critical issues you
should consider w hen performing an action.
from damaging the product or losing data.
follow to avoid harming yourself.
the keyboard (for example, a:\setup). Default
settings may also appear in bold.
term, or the title of a manual.
keyboard; a plus sign (+) between keys indicates
that you must press the keys simultaneously (for
example,
CTRL+ALT+DEL).
H RiverMaster Quick Reference Card that contains shortcuts and tips f or
installing and using the RiverMaster application.
H Quick Setup cards that highlight the basic steps required to install
either a Aurorean Policy Server or Aurorean Network Gateway.
H Aurorean Installation & Service Guide describes how to mount, connect,
power-up, and maintain an Aurorean Policy Server and Aurorean
Network Gateway.
H ANG-1000 User’s Guide details how to install and configure the small
office/home office Network Gateway.
Portable Document File (PDF) versions of these manuals are available on the
Aurorean System Software CD ROM. Using Adobe Acrobat Reader 3.0 (or
RiverMaster Administrator’s Guide
xi
About This Guide
later), you can view these manuals on-line or print additional copies. Acrobat
Reader can be downloaded from the Adobe web site (www.adobe.com).
xii
RiverMaster Administrator’s Guide
This chapter provides the system requirements and step-by-step instructions
for installing RiverMaster software on your computer. If you have not already
done so, Enterasys Networks recommends that you mount and connect your
Aurorean Polic y Server and Au rorean Network Gatewa y before per forming
these steps. Refer to the Aurorean Installation & Service Guide supplied with
each server for detailed installation instructions.
System Requirements
To run the RiverMaster application, your computer must meet the following
requirements.
Hardware Requirements
1
Installing RiverMaster
Installing RiverMaster
Installing RiverMasterInstalling RiverMaster
Software
Software
SoftwareSoftware
RiverMaster runs on a desktop or laptop computer equipped with:
H A 233 MHz processor or faster
H 64 MB RAM minimum, 128 MB recommended
H 80 MB free space on the computer’s hard drive
H CD ROM drive
H Ethernet network interface
To best view the RiverMaster user interface, set your monitor to display
65536 colors or better at 1024 x 76 8 resolution.
RiverMaster Administrator’s Guide
NOTE
1
Installing the Application
Software Requirements
The following operating syst ems, applications, and protocols should be
installed and configured before you install RiverMaster:
H Windows NT 4.0 Workstation upgraded with Service Pack 4 (SP4) or
later version or Windows 2000 Professional
H TCP/IP protocol
H To use Aurorean Policy Manager: Internet Explorer 5 or Netscape 4
Installing the Application
Before installing RiverMast er, close any applications you have runn ing. Once
the installation is complete, you must restart the computer before you can use
RiverMaster to manage your Aurorean Virtual Network.
NOTE
You must log into your Windows NT Workstation/2000 computer using
an account with administrator privileges before installing RiverMaster.
Without administrator privileges, some files may not install properly and
you may be prevented from using some RiverMaster features.
Chapter 1
Installing RiverMaster Software
Upgrading a Previous Release
The following instructions assume you are installing RiverMaster on your
computer for the first time. Do not re-install RiverMaster over a previous
version. Remove the older version of RiverMaster as described in “Removing
RiverMaster Files” on page 9 and then install the new version as described in
the following section.
Installation Steps
To install RiverMaster on your computer, perform the following steps:
1
Insert the Aurorean 3.0 System Software CD into the CD ROM drive.
2
Open Windows Explorer, go to the RiverMaster directory on this CD
and run the
2 RiverMaster Administrator’s Guide
SETUP.EXE
program.
Chapter 1
Installing RiverMaster Software
3
If a warning message appears stating that Microsoft ODBC is not
present on your computer, click OK to install Microsoft ODBC. If this
message does not appear, continue with the next step.
The Microsoft ODBC text driver must be installed on your computer
in order for RiverMaster to generate reports. RiverMaster Setup
automatically launches the Microsoft ODBC install program; follow
the instructions provided on the screen. When asked, choose the
Typical ODBC installation. After ODBC is installed, RiverMaster
Setup automatically resumes.
4
When the Welcome window appears, click Next to continue.
To halt the installation and exit the Setu p program, click Ca ncel; this
option is also availa ble on all Setup windows that follow.
5
When the Software License Agreement window appears, carefully
read the agreement and click Yes to accept the terms.
To install RiverMaster, you must accept the agreement. If you click
No to decline the agreement, the Setup program will close.
6
On the Choose Destination Location window, select where you want
RiverMaster files stored on the computer’s hard disk and click Next.
As a default, RiverMaster files are stored in C:\Program Files\
Indus River Networks\RiverMaster. To change the
destination folder, click Browse to select an existing folder or create a
new folder. To return to the previous window to change your
selections, click Back; this option is also available on all Setup
windows that follow.
Installing the Application
7
When the Select Program Folder window appears, assign a name to
the RiverMaster program folder and click Next.
As a default, the Setup program creates an Indus River Networks
folder that appears in the Programs menu. This folder contains
shortcut icons for the RiverMaster application and a README file.
8
When the Start Copying Files window appears, click Next to continue
the installation or click Back to change your selections.
9
An Information window appears stating that to read the RiverMaster
documentation, you must install the Adobe Acrobat Reader program.
Click OK.
Acrobat Reader can be found in the 3rd Party Support Software
directory on this CD or at the Adobe Website (www.adobe.com).
RiverMaster Administrator’s Guide 3
Installing the Application
10
11
When the reboot completes, RiverMaster is installed and ready to manage
your Aurorean Virtual Network.
If RiverMaster is running while you upgrade your Aurorean Policy
Server software, RiverMaster may become confused. To avoid this
situation, exit RiverMaster at the beginnin g the APS installation or exit
and restart RiverMaster after the process has completed.
Starting the Application for the First Time
Chapter 1
Installing RiverMaster Software
When the Setup Complete window appears, do one of the following:
– To view the README file immediately, leave the check box
checked and click Finish.
– To wait until later to view the README file, remove the check
from the check box and click Finish.
At the second Setup Complete window, choose Yes to restart your computer and click Finish.
NOTE
When you start the RiverMaster application for the first time, you are asked
for the following information:
H The IP address(es) you assigned to the Aurorean Policy Server(s)
during its installation.
H The Aurorean VPN you assigned to your servers when they were
installed.
H A user name and password to log into RiverMaster (the defaults are
user netadmin and password netadmin).
NOTE
RiverMaster lets you invoke two RiverMaster sessions from one
Windows NT/2000 computer to a prima ry and secondary Aurorean
system. This feature is especially useful when running AutoLink
Recovery™ (ALR), which employs automatic fail over to a backup
Aurorean Virtual Network system. If you wish to invoke two
RiverMaster sessions, you will be required to enter two IP addresses.
4 RiverMaster Administrator’s Guide
Chapter 1
Installing RiverMaster Software
To start RiverMaster, perform the following steps:
1
On the main Windows NT/2000 desktop, double-click the RiverMaster icon.
Alternatively, you can click the Start button, point to Programs, point
to Indus River Networks, and then click RiverMaster. In the
RiverMaster program group, click RiverMaster to launch the
application. After a few seconds, the Identify Your Aurorean
Environment window appears as shown in Figure 1.
Installing the Application
Figure 1 First-Time Setup Information
In the Aurorean VPN Name field, type a collective name that will be
2
shared by all Aurorean devices on your corporate network.
This name is set using the APS Quick Configuration wizard program;
refer to the Aurorean Installation & Service Guide fo r more information.
RiverMaster Administrator’s Guide 5
Installing the Application
3
4
Chapter 1
Installing RiverMaster Software
Do one of the following:
– If you are configuring only one Aurorean Policy Server, enter the
IP address assigned to it in the Primary fields and click OK . The
RiverMaster Login window will appear as shown in Figure 3
with the Aurorean VN Name, APS name and IP address
displayed as you specified earlier. Skip to Step 5.
– If, in addition to configuring a Primary APS, you have installed a
backup APS to use with the Auto Link Recovery feature, supply
this IP address in the Alter nate fiel ds after enteri ng an IP addr ess
of the Primary APS in the fields provided. Click OK. The Select
APS window will appear as shown in Figure 2.
This IP address is set using the Aurorean configuration wiz ard
program; refer to the instructions supplied with this program for
more information. RiverMaster needs this IP address to locate and
synchronize with the Aurorean Policy Server.
If you entered both APS IP addresses, select the APS you want to log into and click OK.
The RiverMaster Login window appear s as shown in Figure 3 with
the Aurorean VPN name displayed as typed in the Identify your
Aurorean Environment window.
Figure 2 Select APS Window
6 RiverMaster Administrator’s Guide
Chapter 1
Installing RiverMaster Software
5
Type the default user name (
and click OK.
For example, the primary APS name and its IP address is displayed in
the RiverMaster Login window in Figure 3. When the RiverMaster
application starts, the main in terfa c e appears as shown in Figure 4.
NOTE
netadmin
) and password (
Figure 3 RiverMaster Login Window
Installing the Application
netadmin
)
To prevent unauthorized RiverMaster access, Enterasys Networks
recommends that you i mmediatel y cr eate a new admin istra tor account i n
the Admin group and delete the default login account. Refer to Chapter 6
for instructions on adding and deleting user accounts.
When you start RiverMaster, the application immediately attempts to detect
and communicate with the Aurorean Policy Server and Aurorean Network
Gateway located within the same corporate network. Dependin g upon the
amount of remote client activity occurring on the VPN, RiverMaster may
need up to a minute to detect and synchronize with both servers.
CAUTION
If you want to configure a connection to a second APS after having
already configured a connection to only one server, you must first delete
the config.irx file in the C:\Program Files\Indus River
Networks\RiverMaster directory on the RiverMaster PC. Then, when
you click on the RiverMaster desktop icon, the Identify your
Aurorean VN Environment window will appear as described on page 5.
RiverMaster Administrator’s Guide 7
Installing the Application
Using the Delivery service running on all Aurorean components, RiverMaster
establishes a Delivery session with each server. The Aurorean Policy Server
reports service status, memory/hard disk usage, and a summary of alarms,
alerts, and problem notification messages. The Aurorean Network Gateway
reports an aggregated total of bytes sent and received over all tunnels, as well
as memory/hard disk usage.
When memory and disk usage
appears, RiverMaster has
detected and synchronized with
the Aurorean Network Gateway
Chapter 1
Installing RiverMaster Software
Click here to close
the application
Configuration pullout
Manage Users & Groups
pullout
View System Activity
pullout
When service status appears,
RiverMaster has detected
and synchronized with the
Aurorean Policy Server
Figure 4 RiverMaster Main Interface
To learn more about the server status data displayed on the RiverMaster
interface, refer to Chapter 2. To exit the RiverMaster application at any time,
click the close (
X) button in the upper-right corner of the main interface.
NOTE
If you have used RiverMaster extensively to generate reports and view
messages during a period of peak activity, the application may require a
few moments to close.
8 RiverMaster Administrator’s Guide
Chapter 1
Installing RiverMaster Software
Removing RiverMaster Files
RiverMaster can be uninstalled from your computer using the standard
Add/Remove Programs tool provided with Windows. After RiverMaster files
are removed from your computer, you should restart the computer to clean
up any files that were in use during the uninstall.
To remove RiverMaster files from your computer, perform the following
steps:
1
On your desktop computer, click the Start button, point to Settings, then click Control Panel.
2
Double-click on Add/Remove Programs to launch the utility.
3
On the Install/Uninstall tab page, select RiverMaster from the list of
programs and click Add/Remove.
4
When the Confirm File Deletion window appears, click Yes to confirm
that you want to remove RiverMaster.
Clicking Yes launches the UnInstallShield program, which manages
the process of deleting RiverMaster files.
Removing RiverMaster Files
5
When Remove Shared File? windows appear for shared .DLL and
.OCX files, click Y es To All and click Yes again to confirm your
decision.
6
When the Remove Programs From Your Computer window appears with all items checked, click OK.
7
When a window appears indicating that RiverMaster has been
removed, click OK to acknowledge the message but do not restart
your computer.
Although the Add/Remove Programs utility removes most Aurorean
VN files, you must manually delete the contents of the RiverMaster
folder within the Indus River Networks folder on your hard drive.
You should do this before restarting your computer.
8
Close the Add/Remove Programs control panel.
9
Open Windows Explorer by clicking the Start button, pointing to
Programs, and then clicking Windows Explorer.
RiverMaster Administrator’s Guide 9
Removing RiverMaster Files
10
Locate the RiverMaster program folder.
The default location for this folder is C:\Program Files\
Indus River Networks.
11
Delete the RiverMaster folder.
12
Restart your computer.
Chapter 1
Installing RiverMaster Software
10 RiverMaster Administrator’s Guide
This chapter introduces the essential functions of RiverMaster, describes
Aurorean Virtual Network system status information displayed on the main
interface, and summarizes the steps required to use RiverMaster to configure
your Aurorean Virtual Network for the first time.
RiverMaster Overview
When RiverMaster is installed on your PC, the computer becomes a
“management station” for the Aurorean Virtual Network, receiving dynamic
updates from Aurorean Virtual Network systems and making immediate
configuration changes. All data displa yed by RiverMaster is retrieved from
databases residing on the Aurorean Policy Server or from incoming messages
from either the Aurorean Policy Server or Aurorean Network Gateway; no
data is stored locally on your PC’s hard disk.
2
Getting Started with
Getting Started with
Getting Started withGetting Started with
RiverMaster
RiverMaster
RiverMasterRiverMaster
Figure 5 illustrates the interaction between the Aurorean Policy Server,
Aurorean Network Gateway, and RiverMaster PC.
RiverMaster Administrator’s Guide 11
RiverMaster Overview
Chapter 2
Getting Started with RiverMaster
Aurorean
Policy
Server
• Updated configurations
• Requests for logs
• Curre
• Status of services
n
• Reports
•
ki
Cus
t
t
c
onf
•
Us
•
R
e
q
u
t
om A
b
u
i
ld
c
• Backup configuration
files
• Log files
i
g
u
ra
t
e
r
e
s
u
o
mma
t
s
rore
ions
&
g
ro
u
p
f
c
o
h
r
a
re
n
p
g
o
es
rt
a
s
n
Client
n
d
s
RiverMaster PC
N
•
ati
c
fi
i
ot
f
n
o
c
• Tunnel statist
of
n
o
ti
a
igur
Figure 5 Aurorean Virtual Network Communication Flow
Aurorean
Network
Gateway
cs
i
s
e
g
n
a
h
c
n
o
Using the RiverMaster management application you can:
H Quickly check a server’s operational status by determining if all
services are running, reviewing alarm and alert messages that have
accumulated, and displaying current tunnel activity (the number of
users logged in and the amount of data passing over all tunnels).
H Define “virtual subnets” to provide IP addresses to remote Aurorean
Client Software users and allow the Aurorean Network Gateway to
properly route remote user packets through the corporate network.
H Select which Internet Service Providers (ISPs) your remote Aurorean
Client Software users can use from the extensive TollSaver database
stored on the Aurorean Policy Server.
H Define user accounts on the Aurorean Policy Server to locally
authenticate remote users or install a “plug-in” to authenticate users
against an external RADIUS or SecureID server.
12 RiverMaster Administrator’s Guide
Chapter 2
Getting Started with RiverMaster
H Organize users with groups and assign each group policies that
govern the features available in Aurorean Client Software.
H Create customized Aurorean Client Software installation kits to
distribute to your remote users that contains the Aurorean Client
Software application, POP packages, group policies, and destination
IP addresses.
Logging into RiverMaster
When you start the RiverMaster application, the RiverMaster Login window
appears as shown in Figure 6 if yo u have configured a connection to one
Aurorean Policy Server. If you have configured a connection to a second
Aurorean Policy Server, the Select APS window will appear as shown in
Figure 7.
Version 3.0 of RiverMaster lets you start two RiverMas ter sessions from one
Windows NT/2000 computer to separate Aurorean Virtual Network systems.
This feature is especially useful when running AutoLink Recovery, which
employs automatic fail over to a backup Aurorean Virtual Network system.
Logging into RiverMaster
To access RiverMaster, you must enter a user name and password that the
Aurorean Policy Server can authorize from its internal database. The default
login account is netadmin with the password netadmin.
Figure 6 RiverMaster Login Window
Log into RiverMaster by typing a user name and password in the fields
provided, and choosing the Aurorean VPN name associated with the Primary
Aurorean Policy Server. Click OK.
RiverMaster Administrator’s Guide 13
Logging into RiverMaster
To prevent unauthorized RiverMaster access, Enterasys Networks
recommends that you immediately create a new administra tor login
account in the IRAdmin group and delete the default login account.
Refer to Chapter 6 for more on adding and deleting user accounts.
If you have configured a connection to a second Aurorean Policy Server, the
Select APS window appears as shown in Figure 7. Select the Aurorean Policy
Server you want to manage and click OK. The RiverMaster Login window
then appears as shown in Figure 6 allowing you to log into the selected
Aurorean Policy Server.
Chapter 2
Getting Started with RiverMaster
NOTE
Figure 7 Select APS Window
CAUTION
If you want to configure a connection to a second Aurorean Policy Server
after having already configured a connection to only one server, you must
first delete the config.irx file in the C:\Program Files\Indus
River Networks\RiverMaster directory on the RiverMaster
computer. Then, when you click on the RiverMaster desktop icon, the
Identify your Aurorean Environment window will appear as described in
Chapter 1.
14 RiverMaster Administrator’s Guide
Chapter 2
Getting Started with RiverMaster
Checking Server Status
RiverMaster’s main interface is des igned to quickly show the Aurorean
Virtual Network’s “health” when you start the application. The health
conditions are organized into three categories:
H Problem summary and users logged in
H Aurorean Network Gateway statistics
H Aurorean Policy Server statistics
Problem Summary & Users Logged In
As shown in Figure 8, counters at the top and bottom of the interface track
both error conditions and successful tunnel login attem p ts. The Problem
Summary counters are updated whenever RiverMaster receives one of three
types of mess ag e s:
H Alarms notify you when a significant error occurs with a service
running on a Aurorean Virtual Network system or a general server
problem that is preventing the server from operating normally.
Checking Server Status
H Alerts occur when an error count threshold has been crossed and an
alarm condition is imminent.
H Problem Notification messages typically indicate an error at the
Aurorean Network Gateway or a remote client connection problem
which Aurorean Client Software’s Prescriber feature diagnosed and
reported. Prescriber is a Aurorean Virtual Network feature which
diagnoses why a tunnel connection failed and attempts to correct the
problem.
RiverMaster Administrator’s Guide 15
Checking Server Status
Indicates current alarms,
alerts, and informational
messages that appear in
the System Activity window
(refer to Chapter 7 for more
information)
Total number of remote
users authenticated and
connected to the corporate
network via the Aurorean
Network Gateway
Chapter 2
Getting Started with RiverMaster
Click here to view
more details about
logged in users
Figure 8 Aurorean Network Gateway Status Information
Aurorean Network Gateway Statistics
Figure 9 shows the statistics information RiverMaster displays for the
Aurorean Network Gateway. The graph indicates total amount of bytes sent
and received over all tunnels processed by the Aurorean Network Gateway;
to view the traffic passing over a single tunnel, click the button at the top right
corner of the graph.
16 RiverMaster Administrator’s Guide
Chapter 2
Getting Started with RiverMaster
Aggregated number of bytes
received and sent over all
tunnels processed by the
Aurorean Network Gateway
Memory usage
Hard disk usage
The memory and hard disk usage meters show how much system resources
are being consumed supporting tunnel connections. You can use these values
for capacity p l an ni ng t o determine when th e nu m ber of concurren t t u n ne l s is
approaching the server’s li mit .
Checking Server Status
Click here to view
detailed statistics
for individual tunnels
(refer to Chapter 7
for details)
Figure 9 Aurorean Network Gateway Statistics
Aurorean Policy Server Statistics
As shown in Figure 10, RiverMaster displays the current status of services
running on the Aurorean Policy Server. Normally, all services should appear
as “Running.” If one or more services appears as “Stopped,” then the
Aurorean Policy Server may not function correctly. Table 1 briefly defines
each service and describes what occurs when the service is stopped.
RiverMaster Administrator’s Guide 17
Checking Server Status
Status of services running
or stopped on the
Aurorean Policy
Server
Memory usage
Chapter 2
Getting Started with RiverMaster
Hard disk usage
Figure 10 Aurorean Network Gateway Statistics
Table 1 Aurorean Policy Server Services
Service Function If Stopped...
Overlord Monitors the condition of all other
Auroreanservices and restarts a serviceif
it fails to initialize properly or ceases to
operate at any point. Overlord may also
force a total server reboot if necessary.
Retrieval Retrieves statistics and messages from
both the Aurorean Network Gateway and
Policy Server to generate activity and
anomaly reports.
Delivery Carries messages between all Aurorean
Virtual Network components, including
servers, Aurorean Client Software clients,
and the RiverMaster management
application. Delivery is a critical service
that must be operational for Aurorean
Virtual Network components to initialize
properly and synchronizewith one
another.
18 RiverMaster Administrator’s Guide
The Aurorean Policy Server
automatically reboots itself
approximately 20 seconds after the
Overlord service stops.
You cannot downloadand view reports
using RiverMaster.
The Aurorean Policy Server cannot
communicate with the RiverMaster
application and remote users are
unable to authenticate and establish a
tunnel connection with the Aurorean
Network Gateway. The Aurorean
Policy Server automatically reboots
itself approximately 3 minutes after the
Delivery service stops.
Loading...