: >I would wonder why the standard does not allow you to specify
: >something so basic. I can certainly manually configure ports on
:
: Because RADIUS is for dialin and dialout use and this is not a common
: need for that use. Remote Authenticatin Dial-In User Service
Actually, it is for us. We have ~10 customers so far (and I gain at least
one a month) where numbered interface capability is a *must*. (This is one
of only two reasons we can't yet replace our MAXen with PM3s--consider this
an RFE! I knew there was another I forgot to tell you about. The other was
the caller ID authentication.)
Acend used to treat its vendor custom attribute the same way as the PM's
"Reported Address", though that functionality is now only available through
the WAN Alias parameter in user profiles. Now, Ascend-PPP-Address is the
same as the "IF Adrs" parameter--it's actually a numbered interface with a
real accessible address.
Since network hardwired ports can have numbered addresses, why not a RADIUS
extension for this? Is there one already proposed for RFC? <sigh> I know
Livingston is shying away from any vendor specific extensions, but this is
rather an important need that you may not realize. (The ability for the
local side to authenticate itself on a *dial-in* connection is another that
we don't use, but have been asked to do so once.)
: Any client used for dialin connections should be able to cope with the
: IP on the other end - if not, I'd call that a bug in the client.
As shameful as it may sound, there are *hundreds* of products that demand a
constant IP--in the same netmasked subnet--as its serial interface on a
connection. Older Cisco IOS releases, older Bay Networks (formerly
Wellfleet) products, all Gandalf ISDN products, NT 3.1 and 3.50, and many
more come to mind.
=====
== Todd Vierling (Personal tv@pobox.com; Business tv@iag.net) Foo-bar-baz! ==
== System administrator/technician, Internet Access Group, Orlando Florida ==
== Dialups in Orange, Volusia, Lake, Osceola counties - http://www.iag.net ==