Connecting to Shiva Remote Access Servers
You can connect a dial-up client to the Shiva LanRover or NetModem/E families of remote access servers without specially configuring Dial-Up Networking.
With a Windows 95 dial-up client, you can dial in to a Shiva remote access server and connect to IPX, NetBEUI, and TCP/IP services on a network. A dial-up client connected to a Shiva server can access any network resources that a computer on the local area network can, including all other computers running Windows 95, NetWare servers, electronic mail, client-server applications, and the Internet.
In addition to supporting all the capabilities of the Windows 95 dial-up client, Shiva remote access servers offer the following capabilities:
- Data compression
- Dial back
- Dynamic Host Configuration Protocol (DHCP) support for IP address assignments during TCP/IP dial-in
- Support for Security Dynamics ACE/Server and TACACS centralized authentication
- Integrated ISDN support
- NetWare Bindery information
Configuring a Shiva Server for Windows 95 Dial-Up Clients
If you have a Shiva remote access server running on your network, you do not need to make any configuration changes to enable dial-up clients. Shiva remote access servers running release 3.5 and above are fully compatible with Windows 95 dial-up clients.
If you are installing a new Shiva remote access server, there are a few steps to configure it to support dial-up clients. You can configure all dial-up parameters for a Shiva remote access server with the Shiva Net Manager for a Windows-based application on a computer running Windows, Windows for Workgroups, or Windows 95, or with the Shiva Net Manager for Macintosh application. Shiva Net Manager for Windows 95 will be available shortly after the release of Windows 95.
Before configuring the Shiva remote access server for Windows 95 dial-up clients, you need to do the following:
- Ensure that you have properly installed the Shiva remote access server and connected it to an Ethernet or token ring network.
- Connect your modem to the serial port of your LanRover and to the telephone line, or connect the telephone line directly to the LanRover/PLUS or NetModem/E with integrated modem.
- Install Shiva Net Manager for Windows on a computer that is attached to the Ethernet or token ring network. Shiva Net Manager for Windows requires either IPX or TCP/IP on the personal computer.
- Make sure that dial-in access for a particular protocol or protocols is enabled.
To configure the Shiva remote access server with Shiva Net Manager for Windows 95
- Run Shiva Net Manager by double-clicking the SNM icon, and then double-click the name of the Shiva remote access server you want to configure in the Shiva Net Manager Device List dialog box.
- In the Shiva remote access server Configuration dialog box, click the General configuration page from the Configure menu.
- Check the Dial-In function to enable it, and then check the protocols that you want to enable for Windows 95 Dial-Up Networking: IP, NetBEUI, or IPX.
- In the Configuration dialog box, click the Ports configuration page, and then check that all ports with modems are enabled and properly configured with modem strings.
- If you are enabling TCP/IP dial-in, click the IP configuration page from the Configure menu, and then type the IP address of the Shiva remote access server.
- If you are enabling NetBEUI dial-in on a token ring network, click the Bridging configuration page from the Configure menu, and then type the ring numbers required for source routing.
- To save your configuration, select the Set Configuration command from the Actions menu.
You will need to create a user name and password for each dial-up user.
To store user names and password using the internal user list of the Shiva remote access server
- In the Shiva Net Manager Device List dialog box, click the name of the Shiva remote access server for which you want to create a dial-up user list.
- In the Security menu, click the Get User List command.
- In the User List dialog box, click the Add button.
- Type a user name and password for each dial-up user. Make sure that dial-up access is enabled for the user, and click OK.
- Save the user list for the Shiva remote access server from the Security menu's Set User List command.
Assigning TCP/IP Address to Dial-Up Clients With Shiva Remote Access
To connect a dial-up client to TCP/IP network services, the client must have an IP address. Shiva remote access servers provide different ways to assign IP addresses to dial-up clients:
- You can assign a unique IP address to each Shiva remote access server port. Every time a user dials in to a Shiva remote access server port, the dial-up client determines the IP address of the port by using the Reverse Address Resolution Protocol (RARP).
- You can assign an IP address to every dial-up client. When a user dials in, the Shiva remote access server assigns the IP address based on the user name.
- A centralized Windows NT Dynamic Host Configuration Protocol (DHCP) server can tell the Shiva remote access server which IP address to assign to the dial-up client.
- You can assign an IP address to every dial-up client. When a user dials in, the Shiva remote access server assigns the IP address based on the user name.
- The remote user can tell the Shiva remote access server which IP address to use for the dial-up client. If a user tries to obtain an illegal IP address, the Shiva remote access server allows it, but the connection fails.
If you want the Shiva remote access server to assign IP addresses to dial-up clients, see the documentation for the server.
Security Options with Shiva Remote Access Servers
Shiva remote access servers provide several security options that prevent unauthorized access to your corporate network. You can choose the method, or combination of methods, that works best for your organization — from passwords to security devices from other vendors. Here are some of the methods that Shiva uses to provide a high level of security:
- User lists. Shiva remote access servers can store user names and passwords for controlling dial-up access to the remote access server. When you add users to the Shiva remote access server user list, they can dial in to the network, but they still need the appropriate access privileges to access any server or host on that network.
- NetWare bindery. If your organization uses NetWare bindery security features from Novell, you may not want to maintain an additional user list for a remote access server. You can use the NetWare bindery account database to provide centralized authentication services for dial-up access.
- Security devices from other vendors. You may use additional security devices to protect sensitive data on your corporate networks. Shiva remote access servers are compatible with most popular security devices, so you can evaluate and choose the security method that is appropriate for your organization.
- Security Dynamics ACE/Server. This security solution uses a UNIX server to maintain the centralized database of dial-up user privileges. Shiva remote access servers support ACE/Server authentication.
- TACACS. This is a centralized security solution that uses a UNIX server to maintain the centralized database of user privileges. Shiva remote access servers support authentication of dial-in users using TACACS.