[CentOS] modem for dial IN

Wed Jan 4 13:32:46 UTC 2006
Benjamin J. Weiss <benjamin at birdvet.org>

Dan Pritts wrote:

>Here are my notes from doing this on a red hat 7.3 box.
>
>If you don't need ppp but just want console, you can ignore the ppp
>part and just set up mgetty.
>
>ppp configuration is surprisingly simple.
>
>You'll need the pppd and mgetty packages if you don't have them.
>
>/etc/mgetty+sendfax/
>
>login.config:
>
>uncomment the "AutoPPP?" line or you'll just get a login prompt
>
>also, if you are using chap authentication (maybe good, maybe bad) you will want
>to enable it in the command line for pppd in the AutoPPP? line
>
>mgetty.config:
>
>speed 38400
>data-only y
>
>possibly port-specific options. If you're doing a lot of analog-to-analog
>dial you want to disable the 56k negotiation in the modem init string,
>because it will never get past 33.6 on a connection that is analog on
>both ends. (v.92 might do better).
>
>This seems to work with USR modems:
># this init-chat is the compiled-in default plus ATS32=224 at the end
># this disables x2, v.90, v.92
>init-chat "" ATQ0V1H0 OK ATS0=0Q0&D3&C1 OK ATS32=224 OK
>
>
>/etc/ppp/options:
>
>auth
>lock
>nobsdcomp
>proxyarp
>refuse-pap
>require-chap
>multilink
>192.168.1.1:
>
>ip addr above should be replaced by dialin server man page.  see man page.
>
>/etc/ppp/chap-secrets:
>
>   1. Secrets for authentication using CHAP
>   2. client server secret IP addresses
>
>meeting yourdialinserver password Ipaddr-to-assign
>
>/etc/inittab:
>S4:2345:respawn:/sbin/mgetty -D /dev/ttyS4
>S5:2345:respawn:/sbin/mgetty -D /dev/ttyS5
>
>/etc/rc.d/rc.local:
>
>   1. ip forwarding is useful when we are a PPP dialin host
>
>echo 1 > /proc/sys/net/ipv4/ip_forward
>
>
>On Fri, Oct 21, 2005 at 11:46:51AM +0100, Tom Brown wrote:
>  
>
>>Hi
>>
>>Not entirely centos related but that what the boxes are running so here i
>>go ;)
>>
>>2 of our centos boxes run nagios for network monitoring and send email and
>>paging alerts and are connected to standard phone lines using modems to
>>send the pages. I'm looking for a way in the event of provider failure to
>>login to these machines and so am looking at the ability to connect to the
>>console over the modem.
>>
>>Any good how-to's on this ? Also interested to know real life seciruty
>>risks etc. Is it possible to limit phone numbers that are abor to connect
>>etc?
>>
>>thanks
>>
>>_______________________________________________
>>CentOS mailing list
>>CentOS at centos.org
>>http://lists.centos.org/mailman/listinfo/centos
>>    
>>
>
>
>danno
>--
>dan pritts - systems administrator - internet2
>734/352-4953 office        734/834-7224 mobile
>_______________________________________________
>CentOS mailing list
>CentOS at centos.org
>http://lists.centos.org/mailman/listinfo/centos
>
>  
>
I just saw this...I'm thinking of implementing a dialin server for my 
job.  Only problem is that I'd need to authenticate using RSA SecureID 
tokens.  I *think* that the RSA box is running a RADIUS server.  How 
would I go about getting the incoming login on the dialin box to use 
RADIUS to authenticate against the RSA RADIUS server?  Is there a HOWTO 
somewhere?

Thanks!

Ben