RE: [RadiusNT] RadiusNt question

Denny Figuerres ( (no email) )
Wed, 26 Jan 2000 00:37:34 -0800

This is a multi-part message in MIME format.

------=_NextPart_000_0009_01BF6795.89A76420
Content-Type: text/plain;
charset="windows-1256"
Content-Transfer-Encoding: 8bit

Well I am more of a database & web guy bet as I recall...

Framed-Route?
normaly you give them a route that gets onto the net....
also the gateway address....
as I recall our dialup wiz created a profile that sent them to our web
server
with that as the "gateway" address.

if the are routed & gatewayed to a web server and only get traffic on port
80
then I think they are stuck on that server.

like I said I mostly work Database and Web... I just have some of this stuff
via "osmosiss" so to speak.
check your doc's or ask the other folks on this list take it from here.

-----Original Message-----
From: radiusnt-request@iea-software.com
[mailto:radiusnt-request@iea-software.com]On Behalf Of Michel SAKR
Sent: Tuesday, January 25, 2000 11:51 PM
To: radiusnt@iea-software.com
Subject: Re: [RadiusNT] RadiusNt question

Hello Denny

We have a MAX 4016 installed as a remote access , I can open a new user
and a new connection and limit that users connection time in it but how to
filter it's IP range ?
----- Original Message -----
From: Denny Figuerres
To: radiusnt@iea-software.com
Sent: Wednesday, January 26, 2000 9:20 AM
Subject: RE: [RadiusNT] RadiusNt question

if you mean what I think you mean then this is mostly a matter of what
hadware you are using for
the "Terminal Server".
basicaly you'd need to create a filter profile that is used to "route"
that users network connection to a limited range of IP's
you might also need to filter what ports they get.

I know at one place I worked a while back we had an Ascend Max 4000 that
was used for signups... it would only allow SSL / HTTPS on one IP and not
other
traffic ( no Email, News, etc...) and had a max session of about 20
Minutes.
in that case though we did not use Radius, we just made it a firmware
profile on that box.

but if you told radius NT what to send to the box you could do the same
thing.

study the Filters you can set on your hardware and what kind of Route
commands it will take
then make a rad config that doe that and assignit to a loggin.

-----Original Message-----
From: radiusnt-request@iea-software.com
[mailto:radiusnt-request@iea-software.com]On Behalf Of Michel SAKR
Sent: Tuesday, January 25, 2000 10:38 PM
To: radiusnt@iea-software.com
Subject: [RadiusNT] RadiusNt question

Hello all
We are an ISP and I want to make a guest account where users can
browse only locally,
Can I limit a dialup user to browse only designated local sites ?
Using RadiusNT 3.0

Michel SAKR
GlobalNet® System Administrator
silvers@global.net.lb
www.global.net.lb

------=_NextPart_000_0009_01BF6795.89A76420
Content-Type: text/html;
charset="windows-1256"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

Well I=20am more of a database & web guy bet as I =recall...
 
Framed-Route?
normaly you give them a route that gets onto =the=20net....
also=20the gateway address....
as I=20recall our dialup wiz created a profile that sent them to our web=20server
with=20that as the "gateway"  address.
 
if the are routed & =gatewayed to=20a web server and only get traffic on port 80
then I think they are =stuck on that=20server.
 
like I said I mostly =work Database=20and Web... I just have some of this stuff via "osmosiss" so to=20speak.
check your doc's or ask =the other=20folks on this list take it from here.
 
 
-----Original Message-----
From:=20 radiusnt-request@iea-software.com=20 [mailto:radiusnt-request@iea-software.com]On Behalf Of Michel=20 SAKR
Sent: Tuesday, January 25, 2000 11:51 PM
To:=20 radiusnt@iea-software.com
Subject: Re: [RadiusNT] RadiusNt=20 question

Hello=20 Denny
 
We have a =MAX 4016=20 installed as a remote access , I can open a new user and a new =connection and=20 limit that users connection time in it but how to filter it's IP range =?=20
----- Original Message -----
From:=20 Denny Figuerres
To: radiusnt@iea-software.com =
Sent: Wednesday, January 26, =2000 9:20=20 AM
Subject: RE: [RadiusNT] =RadiusNt=20 question

if=20 you mean what I think you mean then this is mostly a matter of what =hadware=20 you are using for
the "Terminal =Server".
basicaly you'd need to create a filter =profile that=20 is used to "route" that users network connection to a limited range =of=20 IP's
you might also need to filter what ports =they=20 get.
 
I=20 know at one place I worked a while back we had an Ascend Max 4000 =that was=20 used for signups... it would only allow SSL / HTTPS on one IP and =not other=20
traffic ( no Email, News, etc...) and had =a max=20 session of about 20 Minutes.
in=20 that case though we did not use Radius, we just made it a firmware =profile=20 on that box.
 
but if you told radius NT what to send to =the box=20 you could do the same thing.
 
study the Filters you can set on your =hardware and=20 what kind of Route commands it will take
then make a rad config that doe that and =assignit=20 to a loggin.
 
-----Original Message-----
From:=20 radiusnt-request@iea-software.com=20 [mailto:radiusnt-request@iea-software.com]On Behalf Of =Michel=20 SAKR
Sent: Tuesday, January 25, 2000 10:38 =PM
To:=20 radiusnt@iea-software.com
Subject: [RadiusNT] RadiusNt=20 question

Hello all
We are an ISP and I want to make =a guest=20 account where users can browse only locally,
Can I limit a dialup user to =browse=20 only designated local sites ? Using RadiusNT 3.0

Michel SAKR
GlobalNet=AE =System=20 Administrator
silvers@global.net.lb
www.global.net.lb
<=/BLOCKQUOTE>
------=_NextPart_000_0009_01BF6795.89A76420--