We are using an AS5300 with a PRI using ACSv3.0 for NT with TACACS+ authentication. We use RSA Secure ID and NT Domain authentication for our users to dialin.
In our Testing, on our NT 4.0 Wkstn Client, we use a Terminal Window after connection so as to input the Secure ID user name and Passcode.
After successfully authenticating the RSA user ID, the Terminal Screen outputs the following info:
Entering PPP mode
Async interface address is unnumbered (FastEthernet) Your IP address is 10.X.X.X. MTU is 1500 bytes
Then I get a whole bunch of illegible characters scrolling off the screen.
I then get a Windows NT 4.0 Dial-up Networking window that states that the script has halted.
Can this above info be hidden to the user? We would like it transparent to the user.
Also, is there a Banner that can be used AFTER a successful authentication? I found the banner login command to set a Legal notice for users dialing in before being prompted for a user ID.
The reason for this is to tell the user to either hit the DONE or CONTINUE button to continure with the login process.
Peter, Since the authentication takes place in the terminal window provided by WINDOWS after connection, the control is given back to user in order to proceed. Router will starts the PPP negotiation right after the initial successful authentication..The garbage or illegible chars on the terminal window is indication of ppp got started. Since the control of the terminal window is in users hand, user need to press DONE or CONTINUE to let the windows client (not the router or RAS) know to go ahead with ppp negotiations..Now if you don't hit DONE or etc then router will timeout on ppp negotiation and drop the connection.
So in other words router/RAS can't automate that process, you need to hit DONE etc..Thanks..Tejal
Did you ever figure out a work around for this issue. Have you identified the equivalent coded keystrokes for sending a DONE or CONTINUE button.
Thanks in advance for your help.
I figured out how to get the terminal window to close, with windows you can specify an .SCP file/script to run. Here's what mine looks like:
integer ntries = 3
integer nLoginTimeout = 3
string AnnexUser = "USERNAME:"
string AnnexPcode = "ENTER PASSCODE:"
string AnnexSuccess ="PERMISSION GRANTED"
string AnnexInvalid ="USERNAME/PASSCODE INCORRECT"
set screen keyboard on
waitfor AnnexSuccess then done,
AnnexInvalid then Invalid
ntries = ntries - 1
if ntries > 0 then
Then just specify a banner to display when it starts to negotiate PPP
banner slip-ppp ^C
The phrase "PERMISSION GRANTED" is what the script is waiting for to tell it that authentication passed, the endproc is what causes the window to close.
Try the following:
banner slip-ppp $
Click "Done" to close this window.
I'm not sure why you are seeing the Async Interface address piece, but the illegible characters are the PPP Negotiation.
I am also interested in finding a way to close the Terminal Window automatically, thats why I am here. Please let me know if you learned anything new.