Discussion:
how to disconnect
(too old to reply)
A. Payzulaev
2008-05-06 16:31:23 UTC
Permalink
Hello.
We need to disconnect open RAS port remotelly (via SNMP or RADIUS, by
client IP or username). How?

Thanks.
A. Payzulaev
2008-05-07 12:12:09 UTC
Permalink
Post by A. Payzulaev
Hello.
We need to disconnect open RAS port remotelly (via SNMP or RADIUS, by
client IP or username). How?
Thanks.
I mean is it real without thirdparty software on W2003? :)
S. Pidgorny <MVP>
2008-05-08 11:39:00 UTC
Permalink
Cannot easily do that with RADIUS, as even if you change policy - RRAS will
keep port open until the next authentication event.

You have to be really creative with RAS ... Can yu give details of your
scenario?
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by A. Payzulaev
Post by A. Payzulaev
Hello.
We need to disconnect open RAS port remotelly (via SNMP or RADIUS, by
client IP or username). How?
Thanks.
I mean is it real without thirdparty software on W2003? :)
A. Payzulaev
2008-05-08 18:58:35 UTC
Permalink
Post by S. Pidgorny <MVP>
Cannot easily do that with RADIUS, as even if you change policy - RRAS will
keep port open until the next authentication event.
You have to be really creative with RAS ... Can yu give details of your
scenario?
Scenario is simple, users are connecting to RADIUS-controlled W2003 RRAS
server. We need a way to disconnect them via RADIUS or SNMP protocol
remotelly, from billing or NMS for example. There are thirdparty SNMP
extension agents for RRAS monitoring but not for control. Also found info
about RFC 3576 RADIUS protocol extension but I think it is not supported
in W2003 RADIUS client.
IMHO simplest way to get things done are SNMP extension agent (DLL) coding
to control RAS directly via RAS API calls. Another way is implementing RFC
3576 RADIUS protocol extension bothside.
S. Pidgorny <MVP>
2008-05-21 07:19:26 UTC
Permalink
You've got reasonably good idea. Sorry cannot help you with the
implementation.
--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Post by A. Payzulaev
Post by S. Pidgorny <MVP>
Cannot easily do that with RADIUS, as even if you change policy - RRAS will
keep port open until the next authentication event.
You have to be really creative with RAS ... Can yu give details of your
scenario?
Scenario is simple, users are connecting to RADIUS-controlled W2003 RRAS
server. We need a way to disconnect them via RADIUS or SNMP protocol
remotelly, from billing or NMS for example. There are thirdparty SNMP
extension agents for RRAS monitoring but not for control. Also found info
about RFC 3576 RADIUS protocol extension but I think it is not supported
in W2003 RADIUS client.
IMHO simplest way to get things done are SNMP extension agent (DLL) coding
to control RAS directly via RAS API calls. Another way is implementing RFC
3576 RADIUS protocol extension bothside.
Loading...