Installing DynamicAccess LAN Encryption Software
85
To use the Certificate Authentication mode, copy the
entrust.ini file to the Windows directory on the client
computer and then restart the PC. You can find a sample of
the entrust.ini file on the
EtherCD
. See “Adding the Entrust
File.”
Adding the Entrust File
If you select certificates as your form of authentication, you
must add the entrust.ini file to your Windows directory.
This file points to the Entrust CA server and to the X.500
server (which stores certificates). It also lists the path to the
directory containing the user's Entrust profiles
(Dynamic
Access
LAN Encryption creates this directory as
part of the installation process, and when storing a newly
created certificate).
The Entrust/Manager software stores the entrust.ini file in the
Entrust directory on the Entrust CA server. You can find a
copy of the entrust.ini file on the
EtherCD
. After installing the
Dynamic
Access
LAN Encryption software, before rebooting
the system, manually copy the entrust.ini file to the Windows
directory on the client computer, and then reboot.
During installation, the policy files tssecmap.cfg and
tssecdes.cfg are automatically copied from the EtherCD to
your PC. See the “3Com LAN Encryption Secure Network
Map File (tssecmap.cfg)” topic and the “Security Level
Definition File (tssecdes.cfg)” topic in the administrator’s
guide for more information.
Dynamic
Access LAN Encryption software supports the
Entrust Certificate Authority. If you do not have Entrust on
your network, users must use shared-secret
authentication. To take full advantage of Entrust/PKI
security and key management features, you must install
the Entrust/Entelligence product on the
Dynamic
Access
LAN Encryption client computer. For more information on
Entrust/Entelligence and Entrust/PKI, or to contact a
representative, go to the Entrust Technologies World
Wide Web site: http://www.entrust.com.