Using ACM/1600, ACM/400, ACM/100 with Remote Access ServiceLast reviewed: September 9, 1996Article ID: Q121539 |
The information in this article applies to:
SUMMARYThis article was created in close collaboration between Microsoft and Security Dynamics, Inc. It explains how to install the various ACM models made by Security Dynamics with Microsoft Windows NT versions 3.1 and 3.5 and how to configure the Remote Access Service (RAS) clients that are going to call the RAS server with the ACM device. This article does not explain how to program the ACM devices themselves; please refer to the ACM documentation for that information. The primary purpose of the ACM products is to give additional security to the already very secure Windows NT operating system. Windows NT provides two levels of security for RAS users. First, users need to be in the domain's user accounts database as valid users. Secondly, users need to be granted Remote Access permissions by their administrator in order to be successfully authenticated by a RAS server. For Microsoft Windows NT customers with higher security needs, Security Dynamics adds a third level of security by requiring users to identify themselves to the server's ACM device with a password that dynamically changes every 30 seconds in a credit card-sized device that the users carry with them. The ACM device on the Windows NT RAS server is plugged in-line between the modems and the server's serial ports. If the user's password doesn't match, the user will be disconnected from the modem without ever interacting with Windows NT RAS. The ACM devices work with both Windows NT workstations and Windows NT servers, but because Windows NT workstations allow only one incoming call at a time, the ACM devices are used more frequently with Windows NT Advanced Server version 3.1, which allows up to 64 simultaneous connections, and Windows NT Server version 3.5, which allows up to 256 simultaneous connections.
MORE INFORMATION
Hardware Requirements
Microsoft Windows NT Server ConfigurationThe MODEM.INF file supplied with the NT server software contains an entry for SDI's ACM/400 hardware product. The section is labeled [SD ACM400 w/ AT&T 3820]. This entry is designed for use with an AT&T Comsphere 3820 modem. If you want to use a different modem with your ACM device, the macro definitions, such as <speaker_on>=M1, and the COMMAND_INIT= lines must be changed to comply with the modems to be used with the ACM hardware. (Although the section heading refers to the ACM/400 product, it can be used for ACM/100 and ACM/1600 devices as well.) The easiest way to customize the ACM entry for your particular modem is to locate, within the MODEM.INF file, the section that refers to your modem type, and copy and paste that section to the end of the MODEM.INF file. Rename the section heading to reflect the ACM and modem type you're using. The length of the section heading must be limited to 31 or fewer characters, excluding the brackets. If there is no entry for your specific modem, try to select from the list of supported modems a model that matches yours as closely as possible. Make your choice by comparing entries in the MODEM.INF file with commands for your modem. Refer to your modem's documentation for a description of your modem's commands. The documentation may also list compatible modems or models that it can emulate. After you have selected the appropriate modem and copied its settings to the end of the MODEM.INF file, rename the section heading to reflect the ACM and modem type you're using. Again, do not exceed 31 characters, excluding the brackets. (For more information on making an unsupported modem work with RAS, refer to the RAS client software Help file section titled "Modifying MODEM.INF.") Once that has been done, adjust the following settings :
Microsoft RAS Terminal ConfigurationTo prepare the client for Terminal mode:
ACM Hardware ConfigurationChannel Settings:
Baud Rate: 38.4k, 19.2k, 9600, 4800, 2400, 1200, or 300. Configure the ACM channel baud rate to match the MAXCONNECTBPS parameter in the Windows NT server MODEM.INF file's [SD ACM400] section. This would normally be 19200 or 38400 baud. Data Bits: 7 or 8 to match NT Server (default=8) Stop Bits: No setting required Parity: None, Even, Odd, Mark, or Space to match Windows NT Server. (default=none) Protocol: DCD at modem and DCD at Host. (d-d) (default) Host Command Mode: N (default) Dialout: Y (enabled) NOTE: For the dialout option to function properly, your ACM hardware may require Host and Modem adapters to be attached to each port of your ACM. Various revisions of the ACM hardware exist, requiring different models of these adapters. Refer to table 1 to determine your needs. Cabling IssuesIn order for the ACM to function properly, it is very important that the cables used to connect devices to the ACM hardware are properly configured. The cables should include at least the following pins: 1, 2, 3, 4, 5, 6, 7, 8, 20, and 22. The Dialout option, in particular, is reliant on pin 22 (Ring Indicator) to function properly. The cable connecting the modem to the ACM's DTE port MUST support pin 22 or the Dialout function will not operate properly. When the Ring Indicator connection protocol is selected, the cable connecting the ACM on either the modem or host side of the ACM will require pin 22, depending on the particular setting selected. If you have any questions regarding the contents or use of this document, please call Security Dynamics Customer Support Department at (617) 876- 9640.
Table 1 - Dialout Adapter Requirements by Hardware Type / Serial Number
ACM Rev. Serial No. Range Adapter(s) 100 ALL No adapters required 400 A 4000 - 4499 AG15 (DCE) / Host Adapter 1 JB15 (DTE) / Modem Adapter 400 B 4500 - 4629 AG11 / Host Adapter -3 Modem adapter not required 400 C 4630 + No adapters required 1600 0 - 6 1000 - 1799 AG15 / Host Adapter -1 +2000-2003 JB15 / Modem Adapter 1600 7 1800 - 1899 AG24 / Host Adapter -2 1600 8 1900 - 1949 AG11 / Host Adapter -3 1600 9 2050 + No adapters requiredThese adapters are available free of charge on request from Security Dynamics. Determine the adapter(s) you require according to the model and serial number of your ACM. Call Security Dynamics Customer Support Department at (617) 876-9640. The third-party products discussed here are manufactured by vendors independent of Microsoft; we make no warranty, implied or otherwise, regarding these products' performance or reliability. All product and brand names herein are trademarks and service marks of their companies. For additional information please contact Security Dynamics at:
Security Dynamics One Alewife Center Cambridge, MA 02140-2312 USA (617) 547-7820 Fax: (617) 354-8836 Customer Support: (617) 876-9640 |
KBCategory: kbnetwork kbfasttip
© 1998 Microsoft Corporation. All rights reserved. Terms of Use. |