> Once upon a time Vesa Halkka shaped the electrons to say... > >can it also provide both terminal server and 'automatic' PPP with > >one profile ? (like Ascend MAX). > > We have it so you can have two profiles - but ONE username/password. > Same end result, different philosophy to get there. We don't like the > Ascend system of leaving Service-Type off. We prefer keeping profiles > seperate depending on the type. > > For example: > > DEFAULT1 Auth-Type = System, Framed-Protocol = PPP > rest of PPP entry > > DEFAULT2 Auth-Type = System > rest of login entry > > Now, if the user uses PAP or CHAP (or if they say 'PPP' on a PM configured > to give a Host: prompt first) the NAS sends a 'hint'. We use the hint as > a check item to differentiate login types. Is this hint documented someplace, we could add it to our 'own' version of radius. I believe The License says we cannot use Livingston radius with other boxes. We have Ascend, Cisco, Livingston and Shiva boxes ;-) > > So 'bob' uses PAP/CHAP and he gets PPP, he logs in manually at the prompts > and gets shell. > > This is our RADIUS 2.0/2.01 server - it also allow user defined Prefix/Suffix > for things like Puser, user.ppp, user%slip, etc - you define what you want. > Some sites have patches to older RADIUS versions or other vendors and this > allows them to switch transparently. > > There are other check items that you can key off of too, of course, So > one user name can have a variety of different profiles, depending on what > they are doing. Our radius can already be keyed to choose the autenthicating host. It can recognise user@host as unix account and .string.string.string.. as netware NDS account. NT support is probably coming. We have 20000-30000 users, and we don't want to maintain anything special for them, but multiple default profiles would be OK. An other thing: have you any idea when we could get a PM3 sw version that gives the caller id in the *authentication* packet. It comes only in the accounting packet. Our radius doesn't allow anonymous calls, and we have had to make an exception rule for the PM3s. -- Vesa Halkka -O___/ University of Helsinki CC: ( / vesa.halkka@helsinki.fi ~~~~~ ++ Ascend Users Mailing List ++ To unsubscribe: send unsubscribe to ascend-users-request@bungi.com To get FAQ'd: <<A HREF="http://www.shore.net/~dreaming/ascend-faq">http://www.shore.net/~dreaming/ascend-faq</A>> or <<A HREF="ftp://ftp.shore.net/members/dreaming/ascend-faq.txt">ftp://ftp.shore.net/members/dreaming/ascend-faq.txt</A>> </PRE> <!--X-MsgBody-End--> <!--X-Follow-Ups--> <!--X-Follow-Ups-End--> <!--X-References--> <!--X-References-End--> <!--X-BotPNI--> <HR> <UL> <LI>Prev by Date: <STRONG><A HREF="msg00775.html">Re: (ASCEND) Hybrid Access? (fwd)</A></STRONG> </LI> <LI>Next by Date: <STRONG><A HREF="msg00773.html">Re: (ASCEND) BUG!!!!</A></STRONG> </LI> <LI>Prev by thread: <STRONG><A HREF="msg00771.html">Re: (ASCEND) Hybrid Access? (fwd)</A></STRONG> </LI> <LI>Next by thread: <STRONG><A HREF="msg00775.html">Re: (ASCEND) Hybrid Access? (fwd)</A></STRONG> </LI> <LI>Index(es): <UL> <LI><A HREF="maillist.html#00774"><STRONG>Main</STRONG></A></LI> <LI><A HREF="thrd29.html#00774"><STRONG>Thread</STRONG></A></LI> </UL> </LI> </UL> <!--X-BotPNI-End--> <!--X-User-Footer--> <!--X-User-Footer-End--> </BODY> </HTML>