Logging in to the IMS AAA Server
Logging into the IMS AAA Server is a two step process. The first step establishes IP connectivity between the Administrator and the IMS AAA Server, and the second step establishes a secure tunnel between the Administrator and the IMS AAA Server. Communication between the Administrator and the server is encrypted using TLS certificate.
The administration connection is http/s over TCP. The http implementation provides access control (by user and group) based on authentication in a TLS tunnel secured with a server certificate.
For the TLS protocol, the IMS AAA Server uses only standard, non-anonymous cipher suites and requires a server certificate to secure the administrative connection.
When you first start the IMS AAA Server Administrator, you are prompted with the Login dialog (Figure 27).
To log into a server:
- Enter either the IP address or Host Name of the IMS AAA Server you want to connect to in the Host field.
- Enter the port number defined for communicating with this server in the Port field.
This is the "a3s admin TCP port" you defined when you installed the IMS AAA Server package.
- Click Login.
The Untrusted Root Authority dialog opens (Figure 28).
- Select the server.
- To view the IMS AAA Server certificate information click View. (The server must be selected in order to view the certificate information).
- To permanently trust the server, enable the Permanently trust server option. Once this has been enabled, the next time you access the server you will be prompted with the User Name and Password dialog.
- To proceed to authenticate with the IMS AAA Server click Yes.
The User Name and Password dialog opens (Figure 29).
When the User Name and Password dialog opens (Figure 29) opens, enter your administrator username and password and click Login. Login as root or use a Unix account from the group specified during the IMS AAA Server package installation. Select the Remember password until exit checkbox to have the IMS AAA Server Administrator remember your password for future log ins. However, this may pose a security issue if you are not careful about exiting out of your system after your work session. This step establishes the secure tunnel between the Administrator and the server.
The IMS AAA Server Administrator verifies that the user name you entered is valid. If the user name is found, IMS AAA Server Administrator validates the password.
After you log into a server, the main Administrator panel is displayed (Figure 30).
NOTE: The identity of the Juniper Networks IMS AAA Server is pre-configured with the Origin-Host=your-host.your-realm.net and the Origin-Realm=your-realm.net. The first step in configuring the server is to reconfigure these settings for your network environment. Refer to Configuring the Server Identification.