* This is the VOP Radius mailing list * Thanks all.. All I am really trying to do I guess is drop Port 80 packets. I knew how to do it but was just looking for confirmation. Eric gave me that confirmation already. Thanks Eric...
Thanks, Todd -----Original Message----- From: [EMAIL PROTECTED] [mailto:vopradius-request@;vircom.com]On Behalf Of [EMAIL PROTECTED] Sent: Saturday, October 26, 2002 11:56 AM To: [EMAIL PROTECTED] Subject: [VOP RADIUS] Forcing through a proxy (content filter) server * This is the VOP Radius mailing list * As mentioned by others on this list, it is not a radius job, but... Some RAS equipment CAN do it based on a RADIUS Attribute that is sent to them. In order for this to work you need to configure a policy filter or a virtual tunnel that once it receives the attribute the RAS will activate the tunnel and will redirect all traffic to the proxy server instead of the default gateway. The case in point that I will offer is located here... http://www.8e6technologies.com/docs/techdoc_WhitePaper_R2000_Installation.pd f in section C VPN tunneling. Ah yes, you just GOTTA love that company. They tell you how to set it up on the PM3 BASED on the user authenticating against the PM3, but I think we all know how real world that is. Here is what you need to add to your VPRDict.txt file # Vendor Attribute Codes VSA LIVINGSTON LE-IPSec-Outsource-Profile 12 string and the Attribute format you need to pass is LE-IPSec-Outsource-Profile = "xstop" With that you should have no problems passing a user from a PM3 to your proxy server. Now, if somebody out there is knowledgeable in the Ascend MAX 6096 and could tell me how to do the same thing with it I would be greatly appreciated. I can do up an example of the same thing on a Cisco 5350 if anybody needs it. Thanks, Steve > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:vopradius-request@;vircom.com] > On Behalf Of Todd > Sent: Wednesday, October 23, 2002 11:00 AM > To: [EMAIL PROTECTED] > Subject: [VOP RADIUS] Forcing through a proxy (content filter) server > > > * This is the VOP Radius mailing list * > Hi all, I sent the below email to Vircom support yesterday morning and > no response yet. I guess they are busy or whatever.. Anyhow, I wanted to > shoot this to the list and see if any of you might have the answers I > need. Vircom, if you happen to see this I would of course welcome your > official response too. Thanks in advance. > > ***********Start Email To Vircom Support*********** > > Vircom, > > We are running the latest and greatest (registered) version of VOP > Radius. We have a need to force some of our dialup users through a proxy > server, not a proxy radius but a proxy server for content (porn) > filtering etc. I assume we do this through the profiles.txt file by > setting up a new profile and blocking port 80 to all servers except our > proxy server. Few questions, am I assuming right? If so how do I setup > the profile to do this blocking and still keep my port 25 SPAM block in > place required by my upstream wholesale dialup networks? Assuming we get > past the previous few questions the next thing I want to do is to be > able to force all port 80 traffic through our content filtering server > but I want it to hit our server on port 8082 and not port 80 since 8082 > is the port the content filter runs on. > > Can you send me an example or the exact text I need to place in my > profiles.txt to accomplish this? I did read your docs but the section > that talks about profiles only touches on mail filtering. > > A response ASAP would be really appreciated since we are needed this to > launch this offering to our customers. > > > Thanks, > > Todd Routhier > > Start Your Own ISP! > > <http://www.YourOwnISP.com> > > > > > > ** > To leave this list, send an email to [EMAIL PROTECTED] and > put the word "LEAVE" in the BODY of the email. > > > ** > To leave this list, send an email to [EMAIL PROTECTED] > and put the word "LEAVE" in the BODY of the email. ** To leave this list, send an email to [EMAIL PROTECTED] and put the word "LEAVE" in the BODY of the email. ** To leave this list, send an email to [EMAIL PROTECTED] and put the word "LEAVE" in the BODY of the email.
