Agents How to Guide

From Swivel Knowledgebase Wiki

Contents 1 Overview 2 Prerequisites 3 How to add an Agent 4 Testing 5 Known Issues 6 Troubleshooting

Overview

Agents are required to allow Agent-XML authentications to be made against the PINsafe server. This document outlines how to use, configure and add agents.

Prerequisites

PINsafe 3.x

How to add an Agent

On the PINsafe administration console select Server/Agents. Enter the details for the agent and click on apply, the agent will then be saved. The following attributes are available:

Name: A descriptive name that is used in the PINsafe logs

Hostname/IP: The Hostname or IP address of the device that will be making the agent requests. Ranges can be specified using CIDR (Classless Inter-Domain Routing) notation, for example if you put an IP address of 192.168.1.0/24, this will cover all IP addresses starting with 192.168.1.x.

Shared secret: A password that must be entered on the PINsafe server agent and the device that will be making agent requests.

Group: Default: ANY, Options: ANY, PINsafe group names. Here a specific access device can be configured to only allow certain groups of users to authenticate to that device.

Authentication Modes: Default: ANY, Options: ANY, Dual Channel Only, Single Channel Only. The access device can be configured to allow any type of authentication or to only allow only dual channel or allow only single channel authentication.

Check Password with repository Yes/No, This allows the repository password to be checked against the repository, by PINsafe for the specified NAS. This option was moved from a global setting to an Agent and RADIUS NAS setting in PINsafe 3.8.

Example configuration

Testing

Configure the agents, make agent requests and check the logs.

Known Issues

Troubleshooting

AgentXML request failed, error: The agent is not authorised to access the server.

An Agent-XML request is being made against the PINsafe server but is not permitted to do so. If access should be allowed create an entry on the PINsafe Administration Console under Server/Agents. If an entry exists verified the shared secret is the same on PINsafe and the access device.