(ASCEND) AAC and NAS-IP-Address

To: ascend-users@bungi.com
Subject: (ASCEND) AAC and NAS-IP-Address
From: "Herve BRUNET" <brunet@dynetcom.fr>
Date: Tue, 20 Oct 1998 12:43:13 +0100
CC: BRUNET@dynetcom.fr
Organization: DYNETCOM France
Priority: normal
Sender: owner-ascend-users@max.bungi.com

>Hi everybody,
>
>I'm using AAC (version 11) a MAX4030 (version 6.1.7, load Febk.m40)
>and FW-1. The network architecture is as follows :
> -------                      ------
> | MAX |-------------| FW |---------------------
> -------         |            -------                    |
>                AAC                           NT4.0 PDC
>      NT Stand-alone	
>
> Both, my MAX and FW-1 authenticate their user onto AAC.
>
>AAC proxies all authentication requests to a NT4.0 Primary Domain
>Controller. The FW has got the right ports opened.
> Users who are getting connected on the MAX have to use a 
>REALM such as:
>	bob@campus
>
>Bob is registered into NT's SAM. 
>
>When authentication requests come from FW-1, AAC also proxies 
>requests to NT4.0. 
>Users gain access without REALM (because of a bug in internet 
>explorer 4.0).
>
>
>I need to make sure that users people get connected from the FW-1
>without REALM and with REALM from the MAX. I would like to apply
>different filters onto these profiles. Consequently, the distinction
>is mandatory.
>
>Files description
>--------------------
>
>Clients :
>MAX 	radius	type=ASCEND:NAS
>fw-1		radius	type=ASCEND:NAS
>
>
>Authfile
>----------
>
>NULL   FILE  internet
>campus  FILE campus
>
>campus.users
>-----------------
>
>DEFAULT Authentication-Type = WinNT
> Service-Type = Framed,
> Framed-Protocol = PPP,
> Framed-Routing = None,
> Ascend-Assign-IP-Pool = 1,
> Ascend-Idle-Limit = 300,
> Ascend-Client-Assign-DNS = DNS-Assign-Yes,
> Ascend-Client-Primary-DNS = 172.26.2.5,
> Filter-Id = "101"
>
>
>internet.users
>----------------
>
>DEFAULT NAS-IP-Address= FW-IP-Addr,  Authentication-Type = WinNT
> Service-Type = Framed,
> Framed-Protocol = PPP,
> Framed-Routing = None
>
>
>In order to enable this ability, I've implemented the attribute :
>	NAS-IP-Address
>
>Thanks in advance,
>
---
Herve Brunet                    Pre-Sales Engineer
Tel : 01 30 48 83 84            DYNETCOM
Fax : 01 30 48 83 40            Bat GAIA, 9 parc Ariane
                                78284 Guyancourt cedex
++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Prev by Date: Re: (ASCEND) Using SNMP to monitor PRI's
Next by Date: Re: (ASCEND) p75 debug mode
Prev by thread: Re: (ASCEND) Ascend Frame relay Problem
Next by thread: Re: (ASCEND) AAC and NAS-IP-Address
Index(es):
- Main
- Thread