Ok.
>Since some of our addresses are dynamic, and there is no way to know at
>authentication time which address will be assigned (that happens at IPCP
>time, and the authentication at LCP time), we must therefore set up a global
>filter which permits all the dynamic addresses to work for these accounts.
Right - at lease unless/until we implement the RFE for a keyword to
handle dynamic IPs in filters. (Personally I really want to see that.)
>Now I set this up in Choicenet, and arrange to have the RADIUS server return
>the correct filter profile.
>Choicenet loads the profile properly.
Ok.
>HOWEVER, it appears that the first user who disconncets from the PM3
>*DELETES* the Choicenet-loaded profile, defeating the filter!
That shouldn't happen.
User A logs in.
Filter is downloaded.
User B logs in, users same filter - no new download.
User A logs out.
User C logs in, same filter.
User C logs out.
User B logs out.
Now the filter is removed, as there is no longer a user.
If you are seeing this:
User A logs in.
Filter is downloaded.
User B logs in, users same filter - no new download.
User A logs out.
Filter is deleted - B now no longer has a filter.
Then that sounds like a problem. If you show B's interface is the filter
gone? It may be removed from the filter table, but I don't believe it
is removed from the interface.
-MZ
-- Lucent Remote Access Division - Chair, Department of Interstitial Affairs Phone: 800-458-9966 510-737-2100 FAX: 510-737-2110 megazone@livingston.com For support requests: support@livingston.com <http://www.livingston.com/> Snail mail: 4464 Willow Road, Pleasanton, CA 94588 - To unsubscribe, email 'majordomo@livingston.com' with 'unsubscribe portmaster-users' in the body of the message.