[VOPRadius] OT: Globalpops

[Sylvain Savignac]

Title: Message

Hello Brad,   Briefly, it  can decide to use a profile rather than another based on:   Analog-Access Called-Station-Id Calling-Station-Id Connect-Speed-Limit Day-Of-Week Digital-Access Expiration NAS-IP-Address NAS-Port-Id NAS-Port-Limit NAS-Port-Type Port-Limit Service-Type Session-Timeout Source-IP Time-Bank Time-Of-Day      To see the flowchart for the selection algorythm ,  go to our web site and download the document  " What's new in 4.0.228.pdf " . You fill find it on page 5.     Sylvain Savignac, P. Eng.   Development Lead RADIUS Development Unit Vircom Inc.   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brad Johnson Sent: September 27, 2004 6:32 PM To: [EMAIL PROTECTED] Subject: [VOPRadius] OT: Globalpops I read the manual and didn’t come away with the idea the multiple profiles per user would help me. Can you provide more info on how it works? Does it use the profile that best matches and if so, based on what attributes?   Brad Johnson   Systems Administrator     Local Link Network Operations     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sylvain Savignac Sent: Monday, September 27, 2004 4:49 PM To: [EMAIL PROTECTED] Subject: [VOPRadius] OT: Globalpops   Hello Brad,     For (a.) Latest release allows you to have multiple profiles per user. Latest release allows you to have port-limit per NAS (with a new profile attribute) .   We don't do (b.) yet, but we will very soon.     Sylvain Savignac, P. Eng.   Development Lead RADIUS Development Unit Vircom Inc.       -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brad Johnson Sent: September 27, 2004 1:37 PM To: [EMAIL PROTECTED] Subject: [VOPRadius] OT: Globalpops Thanks Sylvain, This is exactly what I did shortly after my post. It turns out that GP has several NAS that don’t send service-type.   What I really need in a radius now are the following;   Ability to have two profiles with the same name and radius use the one that matches the request. Also, port-limits based on profile (allowing slipstream and other secondary services using the same username/password combination, while maintaining a port-limit of 1 (per matched profile).   The ability for Radius to recognize a re-connected user based on caller-id and username in addition to the current functionality where a re-connected user would be recognized based on NasPortID and username.   The GP situation,  as well as other services that can now be auth’d against radius are making me look around. I really want to stay with VOP.   Brad Johnson   Systems Administrator     Local Link Network Operations     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sylvain Savignac Sent: Monday, September 27, 2004 8:50 AM To: [EMAIL PROTECTED] Subject: [VOPRadius] OT: Globalpops   Hello Brad,   If the NAS is not sending any service-type, under Radius Server tab check Default PPP Service. If this option is checked, anytime the Radius server receives a request with a Service-Type of Login-User (rlogin/telnet) or an unknown service-type, it will grant the access as a PPP connection.   If the usual returned attributes for a PPP connection are bugging you, in your profile insert the following you should use the following line in your profiles: <tab>Remove-Attributes="6-8,13"   By the way, in 4.0.228 Remove-Attributes could not be used for a list before the 4.0.228.8 update coming up today. ( You had to put them on several lines)     Sylvain Savignac, P. Eng.   Development Lead RADIUS Development Unit Vircom Inc.   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brad Johnson Sent: September 22, 2004 6:21 PM To: [EMAIL PROTECTED] Subject: [VOPRadius] OT: Globalpops Well, one of them is currently picking the scabs that formed on his ass after I chewed on it awhile. After the second round of “can’t you make monkeys fly out of your butt?” I got really mad.   Brad Johnson   Systems Administrator     Local Link Network Operations     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lanham Rattan Sent: Wednesday, September 22, 2004 4:23 PM To: [EMAIL PROTECTED] Subject: [VOPRadius] OT: Globalpops   I found you have to push really hard, the first level guys don't know much. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Brad Johnson Sent: Wednesday, September 22, 2004 2:57 PM To: [EMAIL PROTECTED] Subject: [VOPRadius] OT: Globalpops Well, this too is a problem with a NAS, but they seem to be more willing to bash my radius and suggest that I rewrite it to do backflips rather than taking the problem I have proven to exist with the NAS and dealing with it. Its frustrating.   Brad Johnson   Systems Administrator     Local Link Network Operations     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lanham Rattan Sent: Wednesday, September 22, 2004 3:51 PM To: [EMAIL PROTECTED] Subject: [VOPRadius] OT: Globalpops   I have a nice nightmare story about GP, but in their defense it was really the poor engineering at Level 3 as Level 3 owns the NAS boxes. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Brad Johnson Sent: Wednesday, September 22, 2004 2:47 PM To: [EMAIL PROTECTED] Subject: [VOPRadius] OT: Globalpops You must not as I have since confirmed that the NAS in question is absolutely not sending a service-type. Shortly after proving this, GP suggested that I make Radius work-arounds for request coming form their Radius Servers.   I’m really starting to NOT like GP.   Thanks for the help.   Brad Johnson   Systems Administrator     Local Link Network Operations     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brad Johnson Sent: Wednesday, September 22, 2004 12:56 PM To: [EMAIL PROTECTED] Subject: [VOPRadius] OT: Globalpops   Do you specify Service-Type = Framed-User in your dialin profile for users authenticating via GP ?   Brad Johnson   Systems Administrator     Local Link Network Operations     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Cary Fitch Sent: Wednesday, September 22, 2004 12:48 PM To: [EMAIL PROTECTED] Subject: [VOPRadius] OT: Globalpops   We called and were authenticated ok.   Cary Fitch ----- Original Message ----- From: Brad Johnson To: [EMAIL PROTECTED] Sent: Wednesday, September 22, 2004 12:26 PM Subject: [VOPRadius] OT: Globalpops   I’m hoping that at least a couple of you, who use globalpops, would help me with an issue I’m having with a particular GP number by attempting to connect yourself.   The number is 270-953-5441 which is an on-net number. Connections to this number are being rejected with “Requested Service Denied” and debug indicates that this particular NAS is sending ether no service-type or garbage.   Your results would help me greatly as GP is continually trying to throw this back in my lap and blame my radius (even though all other numbers work fine).   Brad Johnson   Systems Administrator     Local Link Network Operations