Accessing the Avaya G250/G350 Media Gateway
54 Administration for the Avaya G250 and Avaya G350 Media Gateways
Authenticating service logins with Access Security Gateway
(ASG) authentication
The gateway supports ASG authentication for remote service logins. Direct remote connection
of services to the gateway is needed for gateways that are under service contract, do not have
LSPs, and are controlled by external MGCs. ASG is a more secure authentication method than
password authentication and does not require a static password.
ASG uses one-time tokens for authentication, in which a unique secret key is associated with
each login. ASG authentication is a challenge-response system, in which the remote user
receives a challenge from the gateway and returns an ASG authenticated response, which the
gateway verifies before permitting access. A new challenge is used for each access attempt.
ASG authentication is supported for remote services connecting to the gateway using telnet or
SSH protocols via any of the following:
●
Dial-up modem connected to the USB or Console port
●
Frame relay or leased line
●
Secure gateway VPN
●
Direct connection to the front panel Console port using the "craft" login
When ASG authentication is enabled on the G350, the G350 recognizes any login attempts
using Avaya Services reserved usernames as service logins, and requests ASG authentication
from the user, instead of a static user password.
The following usernames are reserved for Avaya Services usage:
rasaccess
,
sroot
,
init
,
inads
, and
craft
.
When ASG authentication is enabled on the G350, all password user accounts with usernames
similar to the reserved service logins are deactivated.
Enabling ASG authentication
ASG authentication can be enabled and disabled on the gateway and requires an ASG
authentication file. The ASG authentication file contains Avaya Services accounts for
authenticating users at login as members of Avaya Services.
1. Download the ASG authentication file for the gateway from the Authentication File System
(AFS) application on the
RFA information
page to an FTP, SCP, or TFTP server, as
described in
Installing and Upgrading the Avaya G250 Media Gateway
, 03-300434 and
Installing and Upgrading the Avaya G350 Media Gateway
, 03-300394.
2. Download the authentication file from the FTP, SCP, or TFTP server to the gateway. Use
one of the following commands:
●
To download an authentication file from a remote FTP server:
copy ftp auth-file
filename ip
, where
filename
is the name of the authentication file, including the
Содержание Media Gateway G250
Страница 1: ...Administration for the Avaya G250 and Avaya G350 Media Gateways 03 300436 Issue 5 June 2008 ...
Страница 24: ...Contents 24 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 32: ...Introduction 32 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 38: ...Configuration overview 38 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 128: ...Basic device configuration 128 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 210: ...Configuring Standard Local Survivability SLS 210 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 244: ...Configuring logging 244 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 258: ...Configuring VoIP QoS 258 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 354: ...Configuring Emergency Transfer Relay ETR 354 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 370: ...Configuring SNMP 370 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 402: ...Configuring advanced switching 402 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 486: ...Configuring monitoring applications 486 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 548: ...Configuring the router 548 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 664: ...Configuring policy 664 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 682: ...Configuring policy based routing 682 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Страница 686: ...Setting synchronization 686 Administration for the Avaya G250 and Avaya G350 Media Gateways ...