Date: Thu, 10 Jan 2002 11:16:51 -0500
From: "Joe & Fhe Barbish" <barbish@a1poweruser.com>
To: "Brian Somers" <brian@freebsd-services.com>
Cc: "FBSD Questions" <questions@FreeBSD.ORG>
Subject: RE: How to setup dialin to server and them callback orginal dialin caller
Message-ID: <LPBBIGIAAKKEOEJOLEGOGEPKCLAA.barbish@a1poweruser.com>
In-Reply-To: <200201100948.g0A9mBS54180@hak.lan.Awfulhak.org>
Brian,

Tested this change and it works like a charm. My description of the flow was incorrect when it came to how win98 reacts. I want to say thanks for your help.

Now to close out this thread with the complete solution so the next person who wants to use the callback function will be able to get the answer from the archives.

User ppp accept dialin and callback the originating caller so FBSD server incurs the cost of the phone call.

This breaks down to 3 functional items that need to be addressed in the ppp.conf file.

1. accepting a dial in call to server.
2. using dynamic IP address so configuration is simple
3. activating callback function.

Note: use adduser to add new users. Put the users in group network so they can use dialin, also edit ppp.conf and add new user to "allow user" statement in incoming: section.

Below is the ppp.conf file that accomplishes this. Follow the comments about creating the dial in function.

Summary of the flow of things.

When the win98 box calls the dialin modem phone number on the FBSD box, getty senses the call & answers, it makes the connection, tells the winbox it wants pap and asks for id/pw, whatever is entered is checked against ppp.secret, at a match ppp sees the callback phone number and hangs up the phone. Now the modem that just answered the inbound call is free to dial out using the callback phone number from ppp.secret.

On the winbox, after the dial window displays the message authenticating id and password, the window will close after login is achieved like normal. When the FBSD server sees the callback in the ppp.secret file it talks to the winbox about setting up callback services. The winbox will open a window for callback security with an un-changeable option highlighted [Administrator specified waiting for callback]. The winbox user clicks on OK and the winbox hangs up the modem and automatically reconfigures the winbox modem for inbound call waiting.

FBSD does its callback using the ppp.secret callback phone number associated with the id/pw it just authorized from the inbound call. The modem on the winbox picks up, some hand shaking goes on and bingo you are connected.

There are other callback options for non-win boxes. See ppp.conf example in /usr/share/examples/ppp/ towards the end.

##############################################################################
#
# /etc/ppp/ppp.conf  File for dial out modem to ISP and Dial in modem for
# connection to this FBSD system and callback to originating mswindows caller
# so FBSD server incurs the cost of the phone call.
#
# Written by Joe Barbish 1/10/2002
#
# This is a working ppp.conf file I use to dial in to my ISP and to connect
# my Win98 box by dialing in to this FBSD box and accessing the internet.
#
# This ppp.conf documentation is based on a fresh install of FBSD 4.4 with
# all file content as delivered with no user changes.
#
# NOTE  Any FBSD documentation that says that the physical modem has to have
# its default options profile set to, NO command echo ATE0 and NO results
# string ATQ1 and saved to the physical modems onboard non-volatile memory
# (NVRAM) or any references to using programs tip, Kermit, mgetty, or minicom
# to perform the dial function is obsolete and outdated as of FBSD 4.0.
#
# Setup Instructions.
# Note steps 4 through 7 are only for dial in setup.
# 1. Recompile kernel and change pseudo-device tun 1 to tun 4
#    GENERIC kernel defaults to 1 and you need 1 tun device for each com port
# 2. Add gateway_enable="YES" to /etc/rc.conf so dialin connection can gain
#    access to internet.
# 3. Since a private internal IP address numbering scheme is used for IP
#    addresses behind this FBSD box the -nat option must be included on the
#    ppp command that starts the ppp task to dial the ISP.
#    NAT = Network Address Translation. Changes your private internal IP
#    address to your public IP address that you get from your ISP for
#    outbound messages and does the reverse for inbound messages.
#    From the command line example   ppp -background -nat dialisp
# 4. Using root create file /etc/ppp/ppplogin
#    Create file ppplogin with following 2 statements
#
#      #! /bin/sh
#      exec /usr/sbin/ppp -direct incoming
#
#    incoming is the section label name in ppp.conf to be processed when
#    ppp is started by this script's exec command.
#
#    This script will be launched by getty when it detects a ppp dialin
#    connection attempt. Program ppp belongs to group network, so you have to
#    change file ppplogin group to network and its permissions to read/write
#    for the owner, read/execute for group, and none for everyone else.
#      chgrp network ppplogin     assign file ppplogin to group network
#      chmod 650 ppplogin         set permissions
# 5. Change the default section of /etc/gettytab file for automatic ppp
#    recognition by specifying the pp capability. Add following
#      :pp=/etc/ppp/ppplogin:
# 6. Edit /etc/ttys to enable a getty on the port where the dialin modem
#    is attached. com2 = ttyd1  find statement like this
#      ttyd1 "/usr/libexec/getty std.38400" dialup off secure
#    Change off to on to activate. Verify line speed is correct (std.38400)
#    This value is defined in /etc/gettytab. After saving edited results
#    issue kill -1 1 command to spawn getty. Use ps ax to show active tasks.
# 7. cp /usr/share/examples/ppp/ppp.secret.sample /etc/ppp/ppp.secret
#    Edit /etc/ppp/ppp.secret file adding the ID and password for each user
#    that is authorized to login to this FBSD box using dialin modems.
# 8. TESTING  Issue command ppp -background -nat dialisp to test configuration
#    Use commands ps ax to see task list. ifconfig -a to see if tun is running
#    netstat -ir to see routing. /var/log/ppp.log to view ppp log events
#    ps ax to get ppp -background task number & kill -1 number to terminate.
# 9. Once you are done with testing, make functions permanent.
#    Dial ISP at FBSD bootup. Add following to /etc/rc.conf file
#      ppp_enable="YES"
#      ppp_mode="ddial"
#      ppp_profile="dialisp"
#      ppp_nat="YES"
#
##############################################################################
#
default:
 # The default section is processed every time user ppp is started.
 # Everything set here applies to all the following sections.

 set log Phase Chat LCP IPCP CCP tun command   #use for testing
 #set log Phase tun                            #use to avoid excessive log sizes

 # If 115200 connection speed does not work (it should work with any modem newer
 # than 1998) step down to 57600 or 38400 or 19200 for legacy modems.

 set speed 115200            # connection speed
 set timeout 0               # no idle time out, will not disconnect
 disable pred1 deflate lqr   # compression features & line quality reporting
 deny pred1 deflate lqr      # compression features & line quality reporting

dialisp:
 # This label is used in the ppp -background -nat dialisp startup
 # command for testing auto logon to ISP provider.

 # Ensure that "device" references the correct serial port
 # for your modem. (cuaa0 = COM1, cuaa1 = COM2)
 # Only needed for dial out device.
 set device /dev/cuaa1

 # This dial string is needed for ISP's which use standard Unix style
 # login.
 set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
           \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT"

 # edit the next three lines and replace the values with
 # the values which have been assigned by your ISP.
 # Needed for Unix, chap, and Pap style logins.
 set phone 12345678          # only use this phone number
 set authname barbish
 set authkey xxxxxxxx

 set redial 10 4             # if busy redial 4 times with 10 second pause
 enable pap                  # select pap login authentication

 # get dynamic IP address from ISP.
 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0

 # if ISP issues static IP address uncomment this section and comment out above
 # set static IP address your ISP assigned to you.
 # s.s.s.s = your static IP address
 # g.g.g.g = IP of machine you connect to at ISP or default to 10.0.0.0/0
 # set ifaddr s.s.s.s g.g.g.g 255.255.255.255 0.0.0.0

 add default HISADDR         # Add a (sticky) default route (Mandatory)
 enable dns                  # Gets the ISP's DNS IP address & places them
                             # in resolv.conf for reference by FBSD box.

incoming:
 # Configuration for dial in modem access to this FBSD system.
 # This label is used in ppp -direct incoming command
 # which is buried in script /etc/ppp/ppplogin that starts
 # the whole process of accepting the incoming call.

 # Enable passwdauth forces use of /etc/passwd file
 # instead of /etc/ppp/ppp.secret file for PAP only.
 # CHAP must use ppp.secret because ppp must have access to
 # unencrypted passwords. This is ok over dialin modem lines.

 # A unique IP address is assigned to the ttyd activated in the
 # /etc/ttys/ file from the internal Private IP pool range.

 # Every user that will be using PPP login must have their login ID
 # in the allow user command to authorize them to run ppp.
 allow users barbish bob

 # SECURITY WARNING - It is VITAL that either pap or chap are enabled. If
 # one or the other is not, you are allowing anybody to establish a dialin
 # ppp session with your FBSD box using any ID/password. There is no
 # authentication being done on incoming ppp connections if pap or chap is not
 # enabled. SECURITY WARNING

 enable pap                  # uses ppp.secret file
 accept dns                  # give dialin connection access to dns lookup

 # Assign static IP address to this dialin line
 # 10.0.0.74 = static IP address for this dialin line
 # 10.0.0.1  = IP address of this FBSD box
 # set ifaddr 10.0.0.1 10.0.0.74 255.255.255.255

 # I have 4 modems connected to com1-com4 for dialin access and activated
 # ttyd0-ttyd3 in /etc/ttys file this ppp.conf section [incoming] will work
 # as is. Set ifaddr command assigns dynamic IP address from a range of
 # reserved IP address. (10.0.0.71 through 10.0.0.74 inclusive) is the
 # IP address pool reserved for dialin users.
 set ifaddr 10.0.0.1 10.0.0.71-10.0.0.74 255.255.255.0

 # Activate microsoft callback feature triggered by callback phone
 # numbers configured in /etc/ppp/ppp.secret (the 5th field):
 #
 set callback cbcp
 set cbcp
 set log +cbcp
 set redial 3 1
 set device /dev/cuaa2 /dev/cuaa1   # dev names of dialin modem pool
 set speed 115200
 set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
           \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT"

# /etc/ppp/ppp.secret
# Authname  Authkey  Peer's IP address  Label  Callback
barbish     dogman
bob         bob      *                  *      12167295555

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
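
A check for the two things the configuration above depends on, as an added example that is not part of the original message: it reads ppp.conf and ppp.secret text and reports a dial-in label with neither pap nor chap enabled, and allowed users with no callback number in the 5th field. The sample text, the users alice and bob and all function names are constructed for illustration; other auth options and any pulling in of other labels or files are not modelled.

```python
AUTH_OPTS = {"pap", "chap"}  # the two methods the post names; others are not modelled

def parse_ppp_conf(text):
    """Map each label to its commands; labels start in column 0 and end in ':'."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()  # drop comments and trailing space
        if not line:
            continue
        if not line[0].isspace() and line.endswith(":"):
            current = sections.setdefault(line[:-1], [])
        elif line[0].isspace() and current is not None:
            current.append(line.split())
    return sections

def peer_auth(sections, label):
    """Auth methods demanded from the caller once 'default' and `label` are applied."""
    enabled = set()
    for name in ("default", label):
        for cmd, *args in sections.get(name, []):
            if cmd == "enable":
                enabled |= AUTH_OPTS & set(args)
            elif cmd == "disable":
                enabled -= set(args)
    return enabled

def audit(conf_text, secret_text, label):
    """Findings for one dial-in label; an empty list means nothing was flagged."""
    sections, findings = parse_ppp_conf(conf_text), []
    cmds = sections.get(label, [])
    if not peer_auth(sections, label):
        findings.append(f"{label}: neither pap nor chap is enabled")
    callback = {}  # authname -> 5th field of ppp.secret, or None if absent
    for raw in secret_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 2:
            callback[fields[0]] = fields[4] if len(fields) >= 5 else None
    if any(c[:2] == ["set", "callback"] for c in cmds):
        allowed = {u for c in cmds
                   if " ".join(c[:2]) in ("allow user", "allow users") for u in c[2:]}
        findings += [f"{u}: no callback number in ppp.secret"
                     for u in sorted(allowed) if callback.get(u) is None]
    return findings

# Constructed sample input modelled on the post's incoming section.
SAMPLE_CONF = ("default:\n set log Phase tun\nincoming:\n allow users alice bob\n"
               " enable pap\n set callback cbcp\n set cbcp\n")
SAMPLE_SECRET = "# Authname Authkey IP Label Callback\nalice pw-one\nbob pw-two * * 5550100\n"
if __name__ == "__main__":
    print(audit(SAMPLE_CONF, SAMPLE_SECRET, "incoming"))
```

Run against real files by passing the contents of /etc/ppp/ppp.conf and /etc/ppp/ppp.secret and the label named in the ppplogin script.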