Re: Merit-suggestion: Realm-by-client&port

William Bulley (web@merit.edu)
Sat, 4 Nov 1995 19:40:46 -0500 (EST)

According to David Carmean:
>
> With the advent of mixed-service terminal servers like the
> Portmaster with BRI cards, the Ascends with optional V.34 modems, etc,
> has any thought been given to extending the concept of realm-by-client/NAS
> to control access by NAS-Port on a specific (set of) NAS boxes?
>
> For instance, our ISDN customers pay a different rate, and if
> I install the Livingston BRI cards in a Portmaster, I'd like to prevent
> analog-only customers from using ports 10-29.

This is a concept we call hunt group control (I think that's what
you're explaining).

> Seems like you could extend the format of the clients file to do
> something like this:
>
> Client Name Key Ports user/authfile prefix
> ---------------- -------------- ------- -------------------------
> # PM2eR with two 5xBRI cards
> pm1.foo.bar ***** [0-9] analog.
> pm1.foo.bar ***** [10-29] isdn.
> # PM2, all serial/analog.
> pm2.foo.bar ******

Not bad, Dave!

> Now, I don't have access to an Ascend unit with analog modems, so
> I don't know how the NAS-Port is reported in that case, and I'm not
> sure how extensible this is to other porducts supporting RADIUS...
> anybody????

A separate piece of the Merit suite (yet unreleased) does do just this.
I have not been able to release it for several reasons and when we do
it will have the same copyright as the LAS stuff. It does not use the
clients file however. It has its own (set of) configuration file(s).

Regards,

web...

-- 
William Bulley, N8NXN              Senior Systems Research Programmer
Merit Network Inc.                 Domain: web@merit.edu
4251 Plymouth Road                 MaBell: (313) 764-9993
Ann Arbor, Michigan  48105-2785    Fax:    (313) 747-3185