Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Access Server security with PPP dialin/callback

I have set up AS5300 with dial-in and callback. The solution I am looking for is - how to restrict username/password access to the access server itself !?

My configuration :

interface Group-Async1

ip unnumbered Ethernet0

no ip proxy-arp

encapsulation ppp

ip tcp header-compression

no ip mroute-cache

ip policy route-map ORG-Intra

async mode interactive

peer default ip address dhcp

no fair-queue

compress mppc

ppp callback accept

ppp authentication ms-chap ORG-Intr-authen

ppp authorization ORG-Intr-author

ppp accounting ORG-Intr-account

group-range 1 10

line 1 10

access-class 5 in

no flush-at-activation

script modem-off-hook offhook

script callback mica-callback

modem InOut

transport preferred none

transport input all

transport output telnet

autoselect during-login

autoselect ppp

I do need to run PPP but I would like not to have ability to get username: / password: prompt when dialing for example with Hyperterminal. Unfortunately if using callback script, I have to have "async mode interactive" in an interface config otherwise callback does not work.

Is there any idea how to eliminate username: prompt and be able to run PPP only but still be able to do callback ?

Thanks !

  • Other Network Infrastructure Subjects
2 ACCEPTED SOLUTIONS

Accepted Solutions
Silver

Re: Access Server security with PPP dialin/callback

Under the lines add "autocommand ppp"....hyperterm users will not be able to access the as5300 but will go into ppp mode (anyways this NAS is used for dial-in as well as callback).

Thanks, Mak.

Cisco Employee

Re: Access Server security with PPP dialin/callback

You can't supress the username and password prompt displayed in the hyperterminal with "async mode interactive". But you can block the access to router further. Instead of using "autoselect ppp" you can use "autocommand ppp" so that after successful authentication in terminal window, router will directly start PPP. Callback with that command shouldn't be a problem.

2 REPLIES
Silver

Re: Access Server security with PPP dialin/callback

Under the lines add "autocommand ppp"....hyperterm users will not be able to access the as5300 but will go into ppp mode (anyways this NAS is used for dial-in as well as callback).

Thanks, Mak.

Cisco Employee

Re: Access Server security with PPP dialin/callback

You can't supress the username and password prompt displayed in the hyperterminal with "async mode interactive". But you can block the access to router further. Instead of using "autoselect ppp" you can use "autocommand ppp" so that after successful authentication in terminal window, router will directly start PPP. Callback with that command shouldn't be a problem.

90
Views
0
Helpful
2
Replies