Fifarek's Dial Up Server HOWTO (draft #1)
This note will document what I did to create a Linux Dial-Up server. We
wanted the server to allow the 95/NT machines to login without bringing up
a terminal window.
You will need ppp and mgetty. For our setup, I used ppp-2.3.3 and
mgetty-1.1.19. mgetty must be compiled with AutoPPP. (This allows the
client to bypass the terminal window.) Disclaimer: I will only discuss
parts of mgetty and ppp that pertain to this setup.
mgetty is the program that monitors the modem for an incoming call,
initiates the pick up, and then passes off the authentication to the
specified program.
ppp is the program that establishes the PPP protocol between two machines.
_______________________________________________________________________
First, you will need to get mgetty configured properly.
-- In /etc/inittab put the lines:
E0:345:respawn:/sbin/mgetty ttyE0
E1:345:respawn:/sbin/mgetty ttyE1
E2:345:respawn:/sbin/mgetty ttyE2
We have three modems currently connected to the server, connected
to a Stallion EasyIO Multiport card. If you have it connected to a serial
port the entry would look like:
S1:345:respawn:/sbin/mgetty ttyS1
The first field is the name of the tty that the modem is connected
to. The second field is the runlevels that you want mgetty to run under.
The third field tells init to respawn the process if it dies. The last
field is the actual process. In this case, mgetty is run and it is told
to grab (monitor) ttyS1.
-- In /etc/mgetty-sendfax (typically):
login.config will need these two lines:
/AutoPPP/ - a_ppp /usr/sbin/pppd
* - - /bin/login @
The second line isn't necessary, but it is good to have as a fallback.
mgetty.config will need these lines:
_________________________________________________________
port ttyE0
init-chat "" \d\d\d+++\d\d\dAT&F1 OK
statistics-chat "" AT OK ATI2 OK
statistics-file /tmp/statistics.E0
data-only y
____________________________________________________________
These lines need to be replicated for all of the lines that you
have a modem connected to. The first line tells mgetty that the following
lines are for line ttyE0. The second line is an initialization string for
the modem (AT&F1 is rather generic, you may need something more complex).
The third string is a modem command that verifies that the modem is still
responding. This line gets sent to the modem every hour or so. The last
line tells mgetty not to worry about faxes.
The rest of the files shouldn't affect this setup. This should be
all for mgetty.
Second, you will need to configure PPP.
-- /etc/ppp/options
This file has numerous options that can be placed into it.
I will only describe those that we use.
_________________________________________
auth
login
require-pap
refuse-chap
crtscts
lock
modem
proxyarp
netmask 255.255.255.XXX
ms-dns XXX.YYY.ZZZ.WWW
______________________________________
The first four lines are related to authentication. The first tells ppp
to use authentication (this is default, but it can be turned off). The
second tells ppp to use the /etc/passwd for authentication as well as the
pap/chap-secrets files. The last two tell ppp to ignore chap, and only
use pap (not necessary but what the hell).
The next three lines are related to the modem. The first one tells ppp to
use hardware flow control. The second tells ppp to use a lock file to
ensure exclusive access to the modem. The last tells ppp to use the modem
control lines.
The last three lines deal with networking. The first line tells ppp to
add an entry in the ARP table. This will allow the remote machine to
connect to other machines. The second line is for netmask. The last
line is to set the dns for Microsoft clients, where XXX.YYY.ZZZ.WWW is the
IP address of your DNS server. It is wise to set up DNS on the server (as
a secondary in most cases), and have the remote machines refer to that for
DNS queries.
-- /etc/ppp/options.ttyE0
This file maps the device (in this case /dev/ttyE0) to an IP
address that ppp will assign the remote machine. It should look something
like this:
_________________________________________
123.456.789.2:123.456.789.3
________________________________________
where 123.456.789.2 is the IP address of the server, and
123.456.789.3 is the address to be assigned to the remote machine.
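Because the mgetty.config stanza and the options.ttyXX file both have to be repeated for every modem line, a per-port consistency check is useful. The following is an added example, not part of the original post: the sample file contents and the 192.0.2.x addresses are constructed, and the function names are hypothetical.

```python
import re

# Constructed samples: three inittab lines as above, but only two ports configured.
INITTAB = """E0:345:respawn:/sbin/mgetty ttyE0
E1:345:respawn:/sbin/mgetty ttyE1
E2:345:respawn:/sbin/mgetty ttyE2
"""
MGETTY_CONFIG = """port ttyE0
data-only y
port ttyE1
data-only y
"""
# tty name -> contents of /etc/ppp/options.<tty> (constructed addresses)
PPP_TTY_OPTIONS = {
    "ttyE0": "192.0.2.1:192.0.2.10\n",
    "ttyE1": "192.0.2.1:192.0.2.10\n",   # same remote address as ttyE0
}

def inittab_ports(text):
    """ttys handed to mgetty by inittab (last word of the process field)."""
    ports = []
    for line in text.splitlines():
        fields = line.split(":", 3)
        if len(fields) == 4 and not line.startswith("#") and "mgetty" in fields[3]:
            ports.append(fields[3].split()[-1])
    return ports

def remote_addr(text):
    """Remote half of a 'local:remote' line, or None if there is none."""
    m = re.search(r"^\s*[\d.]*:([\d.]+)\s*$", text, re.M)
    return m.group(1) if m else None

def check_ports(inittab, mgetty_cfg, tty_options):
    """Return (port, problem) pairs for every mgetty line in inittab."""
    configured = set(re.findall(r"^\s*port\s+(\S+)", mgetty_cfg, re.M))
    problems, seen = [], {}
    for port in inittab_ports(inittab):
        if port not in configured:
            problems.append((port, "no port stanza in mgetty.config"))
        addr = remote_addr(tty_options.get(port, ""))
        if addr is None:
            problems.append((port, "no local:remote address in options." + port))
        elif addr in seen:
            problems.append((port, "remote address %s already used by %s" % (addr, seen[addr])))
        else:
            seen[addr] = port
    return problems

if __name__ == "__main__":
    for port, problem in check_ports(INITTAB, MGETTY_CONFIG, PPP_TTY_OPTIONS):
        print(port + ": " + problem)
```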
-- /etc/ppp/pap-secrets
This file contains a mapping of usernames, passwords, and secrets.
Since we wanted to use the usernames/passwords in /etc/passwd, our
pap-secrets looked like this:
___________________________________________________________________
# client server secret IP addresses
* * "" *
___________________________________________________________________
That should be all for ppp.
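With the wildcard pap-secrets entry above, the secret field is empty, so the only password check is the /etc/passwd lookup that the login option adds. If login is ever dropped from /etc/ppp/options, that entry no longer checks a password at all. The following is an added example, not part of the original post, that audits the two files for that combination. The sample contents are constructed from the listings above and the function names are hypothetical.

```python
import shlex

# Constructed samples mirroring the listings above.
OPTIONS = """auth
login
require-pap
refuse-chap
crtscts
lock
modem
proxyarp
"""
PAP_SECRETS = '''# client server secret IP addresses
* * "" *
'''

def parse_options(text):
    """Set of option keywords: first word of each non-comment line."""
    opts = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            opts.add(line.split()[0])
    return opts

def parse_pap_secrets(text):
    """List of (client, server, secret, addrs); shlex keeps the quoted ""."""
    entries = []
    for line in text.splitlines():
        fields = shlex.split(line, comments=True)
        if len(fields) >= 3:
            entries.append((fields[0], fields[1], fields[2], fields[3:]))
    return entries

def audit(options_text, secrets_text):
    """Return findings for an options / pap-secrets pair (empty list = none)."""
    opts = parse_options(options_text)
    findings = []
    if "noauth" in opts:
        findings.append("noauth is set: peers are not required to authenticate")
    elif "auth" not in opts:
        findings.append("auth is not set explicitly")
    for client, server, secret, _addrs in parse_pap_secrets(secrets_text):
        if secret == "" and "login" not in opts:
            findings.append("pap-secrets entry '%s %s' has an empty secret but "
                            "login is not set: no password is checked" % (client, server))
    return findings

if __name__ == "__main__":
    print(audit(OPTIONS, PAP_SECRETS) or "no findings")
```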
Some Notes:
1. Make sure that /usr/sbin/pppd is setuid root.
2. Test that the dialin server does what you expect it to (i.e.
that it only lets valid users in)
3. Read the documentation for your modem(s).
4. If you experience slower data rates than reasonable, try
playing with the mtu/mru settings in the /etc/ppp/options.
5. If you purchase a multi port serial card, make sure the cables
come with the card, or that they are easily obtained.
We had to make ours, and it wasn't easy.
This is a first draft, so ask questions, make comments, etc.
____________________________________________________
Richard H. Fifarek SIU School of Medicine
rfifarek@som.siu.edu Information Resources
____________________________________________________