(PM) Automatic outbound telnet (fwd)

Todd R. Eigenschink (todd@tekinteractive.com)
Fri, 2 Jan 1998 17:40:47 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Stephen Fisher: "Re: (PM) Filter (fwd)"
Previous message: Matt Brown: "Re: (PM) PM2eR-10 as router for full T-1"
In reply to: John Vozza: "Re: (PM) WAN card for PM3 (fwd)"

MegaZone writes:
>First of all you need to have the ports set up to allow inbound shell AND
>PPP users. 'set all login network dialin'. And 'set all security on'.

Done that. (This is Livingston radius 2.0.1, BTW.)

>You'll need two entries. To do the auto-detect like mgetty:
>
>[...]
>
>The first entry will match the user when there is a 'hint' of PPP sent.
>NASes can do this when they see PPP started by the user, they know the
>user is trying PPP so they can included a 'Framed-Protocol' value in
>the Auth-Request to 'hint' to RADIUS what is wanted.
>
>If the hint is not present it will fall through to the second entry, which
>is the telnet profile.

That all makes sense, and almost works. Here's my config:

testing Password = "testing"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.254,
Framed-Routing = None,
Framed-MTU = 1500

testing Password = "testing"
Service-Type = Login-User,
Login-Service = Telnet,
Login-IP-Host = 208.131.233.11

When I dial in non-PPP (hyperterminal) I get a login prompt, log in,
and then the PM starts PPP!

Jan 2 17:36:10 sol radius[22042]: radrecv: Request from host 208.131.233.4 code=1, id=179, length=101
Jan 2 17:36:10 sol radius[22042]: User-Name = "testing"
Jan 2 17:36:10 sol radius[22042]: Password = "\216\240UM\324\336\226\004\302\005\312%`\246\203\204"
Jan 2 17:36:10 sol radius[22042]: NAS-IP-Address = 208.131.233.4
Jan 2 17:36:10 sol radius[22042]: NAS-Port = 6
Jan 2 17:36:10 sol radius[22042]: NAS-Port-Type = Async
Jan 2 17:36:10 sol radius[22042]: Connect-Info = "9600 MNP/NONE"
Jan 2 17:36:10 sol radius[22042]: Called-Station-Id = "4364054"
Jan 2 17:36:10 sol radius[22042]: Calling-Station-Id = "2194367853"
Jan 2 17:36:10 sol radius[23799]: Sending Accept of id 179 to io.mixi.net (208.131.233.4)
Jan 2 17:36:10 sol radius[23799]: Service-Type = Framed-User
Jan 2 17:36:10 sol radius[23799]: Framed-Protocol = PPP
Jan 2 17:36:10 sol radius[23799]: Framed-IP-Address = 255.255.255.254
Jan 2 17:36:10 sol radius[23799]: Framed-Routing = None
Jan 2 17:36:10 sol radius[23799]: Framed-MTU = 1500

It matches the password, and there is no framed-user hint, but it's
taking the first profile anyway. I tried reversing the order of the
profiles, but then it always chooses the Telnet profile.

Incidentally, if I try to build the dmb file with the above
configuration, it complains about duplicate keys; I assume the
username is the sole hash key. Are there any plans to change that in
the next version of radius?

Todd
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.

Next message: Stephen Fisher: "Re: (PM) Filter (fwd)"
Previous message: Matt Brown: "Re: (PM) PM2eR-10 as router for full T-1"
In reply to: John Vozza: "Re: (PM) WAN card for PM3 (fwd)"