Chapter 2 Configuring servers 27Nortel VPN Router Security — Servers, Authentication, and Certificates3DES external LDAP proxy informationIf an external LDAP proxy is used, the VPN Router (which has its own internalLDAP file) does not touch or modify the external LDAP database. However, theVPN Router modifies the Bind Password that is attached to the Bind Name (underLDAP Proxy Servers).Encrypting with 3DES passwordThe Nortel VPN Router administrator can secure user and application passwordswith Triple Data Encryption Standard (3DES) encryption, which is a more securealgorithm than the current DES.If you use an external LDAP, you must upgrade all VPN Routers in the network toutilize this capability. The first VPN Router to enable 3DES encryption of userpasswords first runs a script against the external LDAP to convert all userpasswords from DES to 3DES.When you enable 3DES, the LDAP is automatically updated. Each VPN Routerthat enables the feature checks the LDAP to ensure that all passwords are in 3DES(external LDAP only).You can use the GUI or the CLI to enable 3DES.To enable 3DES:1 Select Servers > LDAP.The Servers > LDAP window appears. (Figure 4)Warning: Nortel recommends that you back up your LDAP and Configbefore you enable 3DES.