Re: (ASCEND) Change in defaults when upgrading from 4.x to 5.0Ap13?

To: jcday@almaden.ibm.com, Ascend-users@max.bungi.com
Subject: Re: (ASCEND) Change in defaults when upgrading from 4.x to 5.0Ap13?
From: Kevin Smith <kevin@ascend.com>
Date: Thu, 06 Nov 1997 14:24:51 -0800
In-Reply-To: <88256547.005E874E.00@mailgw1.almaden.ibm.com>
Sender: owner-ascend-users@max.bungi.com

At 09:41 AM 11/6/97 -0800, jcday@almaden.ibm.com wrote:
>
>Greetings.  It's been a couple of years now since I've had the occasion to
>spend much time on my Max, so bear with me if I've missed something obvious
>due to my memory fog...

Your memory lives in San Francisco ? ;)

>We've been running version 4.6Cp30 for quite some time, and we finally got
>around to installing 5.0Ap13 yesterday.  Immediately we ran into a problem
>whereby our modem users weren't being authorized the way they used to.  In
>our radius file, each user is defined as simply:
>
>jcday     Password = "Unix",
>     Ascend_Idle-Limit = 3600

Yes, that functionality did change (I don't recall why, but there is a way
to still achieve this)....

>With that definition when running 4.x, modem users could dial in and use
>PPP (e.g., using DUN in Win95) or simple telnet, or they could invoke PPP
>from the command line after logging in at the Max command prompt.
>
>After moving to 5.0Ap13, however, the above definition is allowing only PPP
>as implemented in W95 - users can't invoke PPP from the command line.

Correct.

>Since we didn't modify Radius, it looks like something changed in the Max.
>Rereading the Radius doc, my impression is that it was working correctly
>before, i.e., since I don't specify a "User-Service" tag, it defaults to
>allowing both methods of invoking PPP and regular old telnet.

We assume a default now, rather than allowing any service....except when the
MAX is configured with:

Auth Send Attr. 6,7=No.   (/ethernet/mod config/auth.../)

Then it works as it did before (or I'll hear back from you ;).

>We hacked our radius users file to now include "User-Service=Framed User"
>for every single entry, but while that now allows both modes of PPP,  it
>prevents telnet sessions...
>
>Questions:
>
> 1) What do I need to do to get this back working such that modem users can
>use any of the three methods?

See above.

>2) What changed?

The default being asserted when no User-Service is presented by RADIUS...


Kevin


++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

References:

(ASCEND) Change in defaults when upgrading from 4.x to 5.0Ap13?

From: jcday@almaden.ibm.com

Prev by Date: (ASCEND) DNS lookups
Next by Date: (ASCEND) Denying certain users a radius login (fwd)
Prev by thread: (ASCEND) Change in defaults when upgrading from 4.x to 5.0Ap13?
Next by thread: (ASCEND) Change in defaults when upgrading from 4.x to 5.0Ap13?
Index(es):
- Main
- Thread