Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re[2]: (ASCEND) Merit RADIUS and Shared Profiles
Other than the fact that I have to restart the radius demon everytime I
make a change to the users file it has been fine. I looked at Access
Control first, but I am was not interested in paying for a modest hack
of a freeware product.
I will direct this at Kevin. Along with everyones gripes about OSPF
(which we have put off now for a year) when will this shared profiles
issue be resolved. The feature is documented in the manual that came
with my first MAX from November of 1995. I know that I am echoing the
complaints of everyone else on the list, but is unreasonable to wait two
years for an correct implementation of features advertised as a reason
to go with Ascend rather than anyone else.
My $0.02.
------------------------------------------------------------------------------
Robert C. Tranter
Crusoe Communications, Inc.
973-882-1022
tranter@crusoe.net
www.crusoe.net
On Wed, 28 Jan 1998 00:56:29 -0700
Greg Skafte <skafte@worldgate.com> wrote:
> shared profiles is a pet peve on par with ospf ... my experience so far is
>
> Ap* shared profiles are a global pass fail ... ie everyone or noone
> Ai* share profiles work ... but old modem code
>
> how stable are you finding the merit radius for your ascend ....
>
> Quoting Robert Tranter (tranter@crusoe.net)
> On Subject: (ASCEND) Merit RADIUS and Shared Profiles
> Date: Mon, Jan 26, 1998 at 06:03:54PM -0500
>
> > I am trying to allow multiple logins for one username and password. I
> > obviously do not want to user the Ethernet -> Shared Profiles flag,
> > since it will play havoc with my system usage. I am running 5.0Ap38 and
> > running Merit Radius 3.5.6. I have tried to use the Simultaneous-Use
> > Attribute, but the Max seems to ignore it. I looked back at my old
> > Ascend dictionary and there was an attribute Ascend-Shared-Profile-Enable
> > (id 128) with a value of either Shared-Profile-Yes or Shared-Profile-No.
> > I added these to my Merit dictionary as a vendor specific attribute and
> > added it to the users RADIUS profile as follows.
> >
> > spch@crus Authentication-Type = Realm,
> > Service-Type = Framed,
> > NAS-Port-Type = Async,
> > Framed-Protocol = PPP,
> > Idle-Timeout = 900,
> > Ascend:Ascend-Shared-Profile-Enable = Shared-Profile-Yes,
> > Session-Timeout = 28800,
> > Port-Limit = 1
> >
> > Does not work. It authenticated the user and as soon as it trys to
> > start the LAN session it terminates with a LAN security error. An entry
> > is created in accounting and is as follows:
> >
> > Acct-Session-Id = "253914366"
> > Ascend-Disconnect-Cause = Invalid-incoming-user
> > Ascend-Connect-Progress = IPNCP-Opened
> > Ascend-Data-Rate = 31200
> >
> > Is there something I am missing? Any help will be greatly appreciated.
> >
> > - ------------------------------------------------------------------------------
> > Robert C. Tranter
> > Crusoe Communications, Inc.
> > 973-882-1022
> > tranter@crusoe.net
> > www.crusoe.net
> > ++ Ascend Users Mailing List ++
> > To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
> > To get FAQ'd: <http://www.nealis.net/ascend/faq>
> >
> > ------------------------------
>
> --
> Email: skafte@worldgate.com Voice: +403 413 1910 Fax: +403 421 4929
> #575 Sun Life Place * 10123 99 Street * Edmonton, AB * Canada * T5J 3H1
> -- --
> When things can't get any worse, they simplify themselves by getting a whole
> lot worse then complicated. A complete and utter disaster is the simplest
> thing in the world; it's preventing one that's complex. (Janet Morris)
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>