Telnet with Static IP Address

This guide takes you through the basic steps to authenticate a telnet request from a PC using a static TCP/IP address.

Prerequisites

  • Ensure that the SecurID software is loaded and the relevant software keys have been applied.
  • SecurID controls a single subsystem, called 'ACEDTI’. This should be reviewed on a regular basis to ensure that it is active. Where possible, you should modify your system start-up program to run the command @ACE/STRACEDTI.
  • Any IBM i profile name(s) used when following this guide, must be able to authenticate with an RSA Authentication Manager.
  • Additional software, referred to as “Remote Authentication software” must be installed. For details, see the Installing SecurID Remote Authentication section in the Powertech RSA SecurID Agent for IBM i Installation Guide on the Fortra Support Portal.
NOTE: To configure the SecurID Agent for communications between your IBM i system and the machine (Windows, AIX, UNIX, etc.) that will be originating the *TELNET logon requests, see Configuring Port Connections in Managing Authentication for Exit Point Logon Requests.

Authenticating Telnet Requests from a Static IP Address

  1. From the Master Menu, select option 10, Work with Client Application Availability.
  2. When the Work With Client Application Availability option is displayed, select F6 (Create) if Application Name *TELNET does not exist in the displayed list to select it. If *TELNET exists in the list then enter 2 next to it. The Maintain PC Support Availability screen appears. Enter the following values:

    Authentication requests: S

    Press ENTER.

    Press F3 to exit the program, and return to the Master Menu.

  3. From the Master Menu, select option 9, ‘Work with TCP/IP address by profile' option, and press ENTER.

  4. Select F6 (Add) and enter the name of the IBM i profile that is to be authenticated when the telnet request is made. For this example, the profile name is DEMOUSER:

    5. Profile name: DEMOUSER

    Press ENTER. The TCP/IP address entry screen will be displayed. Enter the TCP/IP address that is associated with the user’s PC:

    TCP/IP address: <Input the TCP/IP address associated with the PC>

    Comment / description: Demonstration for Telnet authentication

    Press ENTER. Press F3 to exit the program, and press F12 to return to the Master Menu.

  5. From the Master Menu, select Work with TCP/IP Port Connections option.
  6. When the Work with TCP/IP Connections option is displayed, select F6 (Add) if Product RMTSDIAUT does not exist in the displayed list. If RMTSDIAUT exists in the list then enter 2 next to it and press ENTER. This will output the Maintain TCP/IP connection details screen.

    Enter / confirm the port number and press ENTER. This number must match the TCP/IP port number configured on the PC within “SecurID Remote Authentication”.

    Press F3 to exit the program, and return to the Master Menu.

  7. From the Master Menu, select option 4, Activate/de-activate remote authentication.

    8. Set Activate PCS checking? to Y.

  8. Press ENTER.
  9. Log on to the appropriate PC.
  10. Attempt to start a telnet session to the IBM i.

    11. For example:

    Start > Run > telnet < IBM i >

    Where:
    < IBM i > is the name or TCP/IP address of the IBM i LPAR.

  11. Enter the requested details in the SecurID Challenge window that should appear on the PC and click OK.

See Configuring SecurID Remote Authentication to map and sync IBM i users with the PC.

See Authenticating Exit Point Logon Requests to authenticate logon requests from your PC.