Hugh, the problem is I don't have a configuration file to support what I
want to do, which is;
Allow customer Jason Godsey, with user name jason to connect with any
modem program such as hyperterminal and type Login: jason and be ushered
to the rlogin host. At the same time, I'd like to allow jason to also use
the username jason as his login in Dialup Networking for a PPP connection.
We currently solve this by having PPP customers use a capitol P before
their username Pjason. This is causing alot of problems for customers as
we get more and more computer novice people who can't figure out why they
need Pjason to use dialup and just jason for email etc..
I would like to find some sort of hook I can use in my <Handler clauses to
identify the session as PPP or Login-User transparently to the customer
based on what the portmaster sends in the auth packet. If it helps, I
beleve all of our PPP customers support PAP.
One way I've tried this is trying Sjason for Shell, radiator works great
catching it, strips the S and checks the user/pass just fine and hands the
portmasters the Login-IP-Address etc.. The ONLY problem is that the
portmaster then hands the Rlogin host Sjason instead of just jason. If I
create a user on the shell system as Sjason it works great.
If there is no easy way to distinguish between a PPP and User-Login based
on what the portmaster feeds radius in the auth packet, I have the option
of patching my Rlogin daemon to strip s/^S//; but I was hoping for a more
elegant solution :)
/ / Jason
On Thu, 29 Jun 2000, Hugh Irvine wrote:
> Date: Thu, 29 Jun 2000 09:41:41 +1000
> From: Hugh Irvine <[EMAIL PROTECTED]>
> To: Jason Godsey <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> Subject: Re: (RADIATOR) How should I go about this?
>
>
> Hello Jason -
>
> I think I will need to see a more complete configuration file, together with a
> more complete description of what you are trying to do. The information below
> appears to be incomplete.
>
> thanks
>
> Hugh
>
>
> On Thu, 29 Jun 2000, Jason Godsey wrote:
> > This is basically how I'm setup now:
> >
> > <Handler Called-Station-Id=/(848xxxx|383xxxx)/>
> > # auth by .....
> > </Handler>
> > <Handler Called-Station-Id=/(424xxxx)/>
> > # auth by .....
> > </Handler>
> > <Handler Called-Station-Id=/(383xxxx)/>
> > </Handler>
> > <Handler>
> > # auth by .....
> > </Handler>
> >
> >
> > We currently have users using "Pjason" as their PPP login, and jason as
> > shell, however we would like to change this to allow jason to allow for
> > PPP session and Sjason to work as shell since we don't offer SLIP.
> >
> > The problem I've run into is that after radiator does it's thing:
> > Wed Jun 28 10:16:21 2000: DEBUG: Check if Handler User-Name=/^S/ should be
> > used to handle this request
> > Wed Jun 28 10:16:21 2000: DEBUG: Handling request with Handler
> > 'User-Name=/^S/'
> > Wed Jun 28 10:16:21 2000: DEBUG: Rewrote user name to jason
> >
> > which is good, however it passes back to the pm3's to use a Rlogin host,
> > even though radiator strips off the S, the pm3 retains it and passes it to
> > the rlogin daemon on the login host.
> >
> > Has anyone faced this before? I've thought of:
> >
> > <Handler Service-Type = /!Framed-User/>, but I'm not sure if this would
> > work either.
> >
> > Thank you for any help!
> >
> >
> > / / Jason
> >
> >
> >
> > ===
> > Archive at http://www.starport.net/~radiator/
> > Announcements on [EMAIL PROTECTED]
> > To unsubscribe, email '[EMAIL PROTECTED]' with
> > 'unsubscribe radiator' in the body of the message.
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>
>
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
