Modifying Access Node properties
To modify Access Node properties
- On the computer where the Defender Administration Console is installed, open the Active Directory Users and Computers tool (dsa.msc).
- In the left pane (console tree), expand the appropriate domain node, and then expand the Defender container.
- Click to select the Access Nodes container.
- In the right pane, double-click the Access Node whose properties you want to modify.
- Use the dialog box that opens to modify the Access Node properties as necessary.
The dialog box has the following tabs:
- General tab Allows you to view or edit the Access Node configuration.
- Servers tab Allows you to view or edit a list of the Defender Security Servers to which the Access Node is assigned.
- Members tab Allows you to specify users or groups whose members can authenticate via the Access Node.
- Policy tab Allows you to assign a Defender Security Policy to the Access Node.
- RADIUS Payload tab Allows you to configure the RADIUS payload for the Access Node.
- When you are finished, click OK to apply your changes.
General tab
This tab allows you to view or edit the Access Node configuration. The tab has the following elements:
- Description View or edit the Access Node description.
- IP Address or DNS Name View or edit the IP address or DNS name of the NAS device.
Examples:
192.168.70.9 Allows connections from this IP address only.
192.168.70.0 Allows connections from any IP address on the 192.168.70.0 subnet (subnet mask 255.255.255.0 would also be required).
- Subnet Mask View or edit subnet mask for the Access Nodes that connect to the Defender Security Server.
- Authentication Port View or edit the number of the port on which the Access Node accepts RADIUS requests.
The default ports are:
1812 RADIUS agent, RADIUS proxy.
2626 Defender agent.
- Accounting Port View or edit the port number on which the Access Node accepts RADIUS accounting packets. Upon receipt of an accounting packet, its contents are written to an accounting log. The default port number is 1813.
- Node Type View or change the current node type. For available node types and their descriptions, see New Object - Defender Access Node Wizard reference.
- Shared Secret View or edit the shared secret that this Access Node uses when attempting to establish a connection with the Defender Security Server. To view a hidden shared secret, click the Reveal button next to this text box. To conceal a visible shared secret, click the Hide button next to this text box.
- User ID View or change the type of user ID by which the Defender Security Server searches for users in Active Directory. Possible values are Defender ID, User Principle Name, SAM Account Name, Proper Name, and E-mail Address.
Servers tab
This tab allows you to view or change a list of the Defender Security Servers to which the Access Node is assigned. To add a new Defender Security Server to the list, click Assign. To remove a Defender Security Server from the list, select that server, and then click Unassign.
Members tab
This tab allows you to set up a list of users who can authenticate via this Access Node. To add users or groups to the list, click Add. To remove an entry from the list, select that entry, and then click Remove.
