You have multiple options in radius for restricting your users.
If you, in Unix, cannot prevent double --- User Authentication ---- then
double ---- Line Authorization ---- should be prevented.
- one source ip per user account after dial-in
- caller id per source phone per user (telco support)
- disable multilink (w2k)
- static route per user (w2k)or from cisco to radius (multi-cisco/mutliple
telcolineno's?)
- certificates and securID's will also close down mulit login/dialin actions
- connection type isdn number, async
A lot of these items ar supported through PPP.
I saw something about usertables, did not dive into that one. No unix guru,
sorry.
Radius is my thing, because i'm w2k mcse (no comment please)Still a bit of
GUI guy though.........
Martijn MCP 18x
some links etc...
Livingston
Accounting Attributes
For RADIUS accounting to function, a series of accounting attributes are
defined in the dictionary file on the RADIUS server and appear in the start
and stop accounting records. Use the following descriptions of common
accounting attributes to help you interpret start and stop records. Refer to
RFC 2139 for information on other accounting attributes.
Called-Station-Id and Calling-Station-Id
Called-Station-Id records the telephone number called by the user.
Calling-Station-Id records the number the user is called from. This
information is recorded when the NAS-Port-Type is ISDN, ISDN-V120, or
ISDN-V110 where supported by the local telephone company. On the PortMaster
3 and the PortMaster 4, this information is available for asynchronous calls
as well, where supported by the local telephone company.
http://www.livingston.com/tech/docs/radius/userinfo.html#1004347
http://www.livingston.com/tech/docs/radius/userinfo.html#1012237
-----Oorspronkelijk bericht-----
Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Namens vikas
patel
Verzonden: donderdag 22 februari 2001 11:22
Aan: [EMAIL PROTECTED]
Onderwerp: How to Restrict multiple login?
Hi folks,
I am working in an ISP company, got Cisco 2511 router with inbuilt
RAS(access server), IOS ver. 11.3(9).
I am using RADIUS from livingston ver. 2.0.1 beta 14 revision 5 for windows
NT4.0 and Netcents ver. 6.0 for billing. I have contacted the netcents
people and they says that the single/multi login facility is available with
RADIUS only and not with there netcents billing s/w. And i think the RADIUS
ver. that i am using is not supporting this single/multi login features. And
i am going to use this RADIUS b'coz its free.
How can i Restrict my customers for single login and multi-login into my
cisco router. B'coz using the above radius and netcents i cannot block multi
user login in my network. Can u guys suggest some solution using the above
only s/w's. And I am creating users in netcents+radius and these users are
not the router users.
Is their any way thru cisco router commands to restrict my customers for
single login?
Thanks in advance.
waiting for your reply.
kind regards
vikas patel
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
_________________________________
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
