There are a few possible ways to achieve this, the best way IMHO would
be to create a default user in your Radius Server to provide a menu upon
login, they can then select which vax they wish to connect to, If
specific people only connect to specific machines then you could do away
with the menu and have a straight rlogin into the vax. This is assuming
your particular ip services for the vax supports rlogin, then you can
even set a hosts.equiv file so that the user doesn't get a second
password prompt, I know cmu/ip has rlogin support, not sure about the
rest. (of course you need to ensure that you have no user in radius or
the pm3 called system !!!!!)
The beauty with this way is that if the user is using a ppp dialer that
supports PAP (most do) then if the client tries to negotiate PPP the
PM3 will auto-detect this and connect them as a network (ip) user.
For more info on Radius Menus etc check out:
http://www.livingston.com/Tech/Docs/RADIUS/Menus.fm.html#4802
Cheers
Phil
-----Original Message-----
From: Mark Halsall [mailto:mark@hcca.ohio.gov]
Sent: Friday, May 29, 1998 01:42
To: portmaster-users@livingston.com
Subject: (PM) PM3 capabilities question
Hey, all -
I'm not quite sure if this is part of a FAQ or not, but I've got a
question
about the PortMaster 3...
We're looking at replacing a bunch of our modems with a PortMaster or
two,
to get V.90 and ISDN capabilies. Unfortunately, we are also unfamiliar
with
all of the PortMaster 3's capabilities, as well as the more advanced
RADIUS
authentication.
We also have 3 different modem pools (1 PPP, and 2 dialups to a couple
of
VAXen), and would _love_ to be able to combine everything into a unit or
two, instead of having 3 racks apread all over our comms room.
The question is, how can we get the PortMaster to distinguish between a
PPP
call and a call to one of our VAXes (or would we have to go with PPP
only,
having the VAX users telnet in?)? Each person with access to both has a
seperate account for each service, with different usernames and using
different authentication schemes (RADIUS for the PPP and the host-based
authentication on the VAXes).
I can see four possible methods for doing this:
1) Have authentication check RADIUS first, then each VAX in turn, then
finish the call setup appropriately.
2) Have the default authentication set up for PPP, with a username for
each
VAX... Users not wanting to use PPP would enter the appropriate VAX
username, and the connection would be sent there to be authenticated.
3) Use something like a Service: prompt, and route the connection from
that. We would have to set up a PPP modem script for this option, which
wouldn't go over very well with our users.
4) Leave the modem racks servicing the VAXen in place, and replace only
our
current PPP servers. This will probably be the default.
Thanks for your time, patience, and any help you are able to provide.
-Mark
--
Mark Halsall mark@hcca.ohio.gov
Internet Specialist, Hamilton/Clermont Cooperative Association
(work) 931-7120, x20 (pager) 670-4093
Personal email should go to <mailto:mhalsall@io.com>.
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>