From owner-freebsd-isp  Mon Apr 14 05:22:00 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id FAA08132
          for isp-outgoing; Mon, 14 Apr 1997 05:22:00 -0700 (PDT)
Received: from mail.warp.co.uk (root@mail.warp.co.uk [194.207.68.4])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id FAA08127
          for <freebsd-isp@freebsd.org>; Mon, 14 Apr 1997 05:21:54 -0700 (PDT)
Received: from temp1.warp.co.uk (temp1.warp.co.uk [194.207.68.11]) by mail.warp.co.uk  with SMTP id NAA12486; Mon, 14 Apr 1997 13:22:06 GMT
Message-Id: <3.0.1.32.19970414131701.0068bbcc@mail.warp.co.uk>
X-Sender: tony@mail.warp.co.uk
X-Mailer: Windows Eudora Light Version 3.0.1 (32)
Date: Mon, 14 Apr 1997 13:17:01 +0100
To: Vincent Poy <vince@mail.MCESTATE.COM>,
        Anthony Barlow <tony@mail.warp.co.uk>
From: Anthony Barlow <tony@warp.co.uk>
Subject: Re: Some advice needed.
Cc: freebsd-isp@freebsd.org
In-Reply-To: <Pine.BSF.3.95.970414034721.27997h-100000@mail.MCESTATE.COM
 >
References: <3.0.1.32.19970413203248.006a4cd0@mail.warp.co.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

At 03:49 14-04-97 -0700, Vincent Poy wrote:
>On Sun, 13 Apr 1997, Anthony Barlow wrote:
>
>> >	Speaking about terminal servers, is there anyway to restrict it to
>> >just allow ppp and telnet?
>> 
>> Use radius and tell the ports that they are secure. Then in the users entry
>> simple say that they are a network user for ppp, or telnet/rlogin for
shell.
>
>	How does radius work exactly?  

It just like a normal login.

>And then is there a way to limit
>the telnet/rlogin to be able to telnet to only certain machines?  

Yes. In your config for that user in the radius users file you put

userid	Password "UNIX"
	User-Service-Type = Login User,
	Login-Host = the machine to log them into
	Login-Service = Rlogin

For a ppp user it's

userid	Password "UNIX"
	User-Service-Type = Framed-User,
	Framed-Protocol = PPP,
	Framed-Address = 255.255.255.254, < Assigned IP number from pool or
specify IP no
	Framed-Netmask = 255.255.255.255,
	Framed-Filter = "internet",	< for filters & firewall etc.
	Framed-Routing = Brodcast-Listen, < we have another class c for dialup lines
	Framed-MTU = 1500

>Someone
>mentioned something about a diskless FreeBSD box, anyone know how these
>work and would the diskless box need to be locally connected to a actual
>FreeBSD server or can it be done remotely?

Sorry can't help with this one.

Regards,
Anthony