> Maybe I'm missing something, but the Merit version allows one user ID (jdoe)
> to have different reply values from the users file applied to several types
> of jdoe sessions (telnet, PPP, SLIP, etc.) In fact with 2.4 we support all
> eight (8) values of the Service-Type attribute (see the DRAFT RFC).
>
> This means that jdoe identifies herself as jdoe (not jdoe.ppp or jdoe.slip)
> and the server inspects the users file for the "canonical" user "pppuser"
> of "slipuser" depending on the hint in the incoming request found in the
> Service-Type attribute (provided there isn't already a reply-item for
> Service-Type found in the reply-items for the "real" jdoe entry.
>
> Is every one totally confused at this point? ;^)
Uh...yes. Maybe *I'm* missing something. With the above, how can RADIUS
know what type of service jdoe wants? If she's PAP-authenticated, and
RADIUS can figure that out, then obviously it's PPP. But if jdoe just
enters jdoe at the login prompt and her password at the pw prompt, then
there's no way for RADIUS to know if it should start a telnet, SLIP, PPP,
etc... Am I wrong? Is there some sort of challenge?
Michael Nerone | Internet Direct, Inc. | http://www.txdirect.net
nerone@txdirect.net | 722-B Isom Rd. | Please direct all queries
| San Antonio, TX 78216 | to sales@txdirect.net.
| Voice: (210)308-9800 | Direct all tech questions
| Fax: (210)308-9240 | to support@txdirect.net
Any opinions expressed herein are my own and do
not necessarily reflect those of my employer.