PPP on ORS - Why is it so hard to use?
Ken Wolff
I've been running OSR5.0.4 since Jan 1998. We are converting to 5.0.5 this
weekend. Yet I still cannot seem to "get/understand" PPP on OpenServer.
Long ago I gave up trying to configure inbound PPP on OpenServer. I tried
and tried and had one problem after another. I eventually moved our serial
port board to our NT machine, spent 15 minutes configuring PPP inbound on
NT, and it worked.
So I have given up on using SCO for PPP inbound, but still need it for PPP
outgoing. At various times we need to interface with 3 different systems
via a PPP outgoing connection. The 1st, to our primary ISP is simple
enough. No CHAP no problems.
The second is to an ISP we are migrating to (because service from the ISP
mentioned above sucks). This ISP uses CHAP. How do I configure this under
OSR505? I've spent the last week trying this.
The third is back into out NT server running RAS (and I think CHAP). I'd
like to have the home PC I test on be able to get back into our corporate
network via our NT RAS server. Am I running into the same CHAP problem here.
I guess, the bottom line here is that I don't understand why PPP is so
incredibly hard to get working on SCO (I've tries both SCO and MST PPP).
Under Win9x and NT it's a piece of cake. Hell, even under Redhat Linux
configuring Chap is very simple.
Now I have to assume I'm missing something very basic. If someone can
point me in the right direction, I would really appreciate it!!!! How do I
get CHAP working on an outbound connection, and how do I dial out from
OpenServer to a RAS NT server?
Thanks,
========================================================
Ken Wolff
MAXIMUS, Inc.
http://www.maxinc.com
Phone: 616-957-4949 ext. 111
FAX: 616-957-1614
========================================================
Evan Hunt
Don't blame me, I voted for Ken Wolff <ke...@dmg-grsd.com>.
>The second is to an ISP we are migrating to (because service from the ISP
>mentioned above sucks). This ISP uses CHAP. How do I configure this under
>OSR505? I've spent the last week trying this.
SCO PPP: Add "name=<username>" to /etc/ppphosts. Add "<name> <password>"
to /etc/pppauth (or with some ISPs, including MCI and ATT/Worldnet, you
need to put in a wildcard name, "* <password>"). That's all you
have to do; CHAP will be turned on by the ISP during initial
negotiation.
MST PPP: Almost the same. Add "name <username>" to /usr/lib/mstppp/Autostart.
Add "<name> <password>" or "* <password>" to /usr/lib/mstppp/Auth.
IMPORTANT NOTE: Some NT RAS systems will require not just CHAP, but
Microsoft CHAP, which is similar but uses a different encryption/hashing
algorithm. SCO PPP does not support that protocol yet (but it will in
5.0.6). MST PPP supports it already.
So if the ISP requires Microsft CHAP, you will have to use MST PPP,
and you will probably have to use the "* <password>" form for your Auth
file, on account of NT does stupid things with the name field in
MS-CHAP challenges.
--
Evan Hunt - evanh at sco dot com
"The only thing better than normal, everyday spam is spam from the Lord."
- Jason Abbott
Evan Hunt
I wrote:
>SCO PPP: Add "name=<username>" to /etc/ppphosts. Add "<name> <password>"
>to /etc/pppauth (or with some ISPs, including MCI and ATT/Worldnet, you
>need to put in a wildcard name, "* <password>"). That's all you
>have to do; CHAP will be turned on by the ISP during initial
>negotiation.
One more thing... make sure that in /usr/lib/uucp/Systems (for SCO
PPP) or /usr/lib/mstppp/Systems (for MST PPP), you haven't got a chat
script that expects "login:" or "Password:" prompts. If you're
authenticating with CHAP, then generally speaking you won't need to
log in (in the UNIXy sense of the term).
Tony Lawrence
> I guess, the bottom line here is that I don't understand why PPP is so
> incredibly hard to get working on SCO (I've tries both SCO and MST PPP).
> Under Win9x and NT it's a piece of cake. Hell, even under Redhat Linux
> configuring Chap is very simple.
See if http://www.aplawrence.com/Unixart/quickppp.html helps
you understanding.
BTW, the ppp gui manager on UW7.1 is almost as easy as
Windows, and quite a bit more flexible- not that this helps
you with OSR5, just a point of interest..
--
Tony Lawrence (to...@aplawrence.com)
SCO articles, help, book reviews, tests,
job listings and more : http://www.aplawrence.com
Darryl Krasman
>
> Looking for any input here.
>
> I've been running OSR5.0.4 since Jan 1998. We are converting to 5.0.5 this
> weekend. Yet I still cannot seem to "get/understand" PPP on OpenServer.
>
> Long ago I gave up trying to configure inbound PPP on OpenServer. I tried
> and tried and had one problem after another. I eventually moved our serial
> port board to our NT machine, spent 15 minutes configuring PPP inbound on
> NT, and it worked.
<snip>
Ken,
If you were trying to get Windoze to dial in to your 504 or 505 box then
you will want to do some DUN Scripting on the Windoze side. However, I
have just monkeyed with a 505 box and there now is auto detection of
incomming PPP calls done via -s option to getty and a file called
/etc/gettyacts. This can negate the need for scripting on the Windoze
side. I don't know if that was available in 504 but it works like a
charm in 505.
Try this for auto PPP from Windoze to 505 SCO PPP:
-add a user such as "genppp" with home directory of /usr/lib/ppp and
shell of /usr/lib/ppp/ppp
-add the following to /etc/ppphosts:
*genppp remote=+generic filter=default flow=rtscts accm=0 auth=pap
mask=255.255.255.0
-add the following to /etc/ppppool (where NETWORK is something like
192.168.1):
generic NETWORK.100:NETWORK.101\
NETWORK.102:NETWORK.103\
NETWORK.104:NETWORK.105\
NETWORK.106:NETWORK.107\
NETWORK.108:NETWORK.109
- add specific user names and passwords in /etc/pppauth such as
(and also specify those in your Windoze DUN connect screen):
kenwolff pppking
- create /etc/gettyacts with (ownership bin,group bin,modes 440):
PPP:/usr/lib/ppp/ppp:-u genppp:0x7e
- change your modem getty line in /etc/inittab (also
/etc/conf/init.d/<file>) and add "-s20" (that's 20 tenths of a second or
2 seconds - the man pages incorrectly say it is seconds):
Se2A:234:respawn:/etc/getty -s20 tty2A modem
- then have pppd re-examine the configuration files and get the new
getty flag in operation:
# disable tty2A; enable tty2A
# kill -1 `cat /etc/pppd.pid`
This works with 95 & 98 DUN.
--
Darryl
Ideal Computer Group Inc.
Jean-Pierre Radley
| Ken Wolff wrote:
|
| If you were trying to get Windoze to dial in to your 504 or 505 box then
| you will want to do some DUN Scripting on the Windoze side. However, I
| have just monkeyed with a 505 box and there now is auto detection of
| incomming PPP calls done via -s option to getty and a file called
| /etc/gettyacts. This can negate the need for scripting on the Windoze
| side. I don't know if that was available in 504 but it works like a
| charm in 505.
Thanks, Darryl. Where'd you dig up the information to make gettyacts
useful? I've been looking around for some time.
Do you have any lines to use in gettyacts to take care of an incoming FAX
instead of an incoming PPP or DATA call?
--
Jean-Pierre Radley <j...@jpr.com> XC/XT Custodian Sysop, CompuServe SCOForum
Darryl Krasman
> Thanks, Darryl. Where'd you dig up the information to make gettyacts
> useful? I've been looking around for some time.
I happened on the -s & -f flags while doing a man getty. From there a
man gettydefs got me an example. The problem was that the -s detect-time
in the man page says seconds when it was really 10ths of seconds. A
setting of -s2 left precious little time for the Windoze box to get out
the detect character. High debugging on the getty showed the unit was
tenths. A setting of -s20 is usable and doesn't interfere with normal
logins too much. I suppose one could use this feature to set up a custom
program for downloading/uploading data to a hand held unit or custom
designed hardware. With some mods to atdialer I guess you could
incorporate your own voice stuff if your modem supports that.
For kicks, try this:
NA:/usr/bin/banner:Hi there:0x01
Then dial in and in the 2 seconds before a login prompt press ^a.
> Do you have any lines to use in gettyacts to take care of an incoming FAX
> instead of an incoming PPP or DATA call?
I don't have a program suitable to receive a fax handy but I tried the
concept with a shell script (which needs #!/bin/sh or the exec will
fail). You need to add the -f flag to the getty entry and add a FAX
entry to /etc/gettyacts such as:
FAX:/tmp/fax::
and /tmp/fax has:
#!/bin/sh
echo 'settings: '$* >/tmp/fax.log
echo '\nEnvironment:'>>/tmp/fax.log
set >>/tmp/fax.log
exit 0
and you also need to add RTC_FAX line to your atdialer file. For my
MultiTech 2834ZDXb this seems to do the trick:
RTC_FAX=+FCON
Also look at MDM_FAXBAUD & others found in atdialer.c. What happens is
that the atdialer doesn't exit and turn control over to getty until the
RTC_FAX fails. The fly in this ointment is that it seems a regular user
can't use the line for dialing out with cu. Mind you, on this machine,
I've only got rs505a on and not oss497b & oss600a as yet.
Scott Roberts
Darryl Krasman wrote in message <375B1282...@idealgroup.com>...
<snip>
>If you were trying to get Windoze to dial in to your 504 or 505 box
then
>you will want to do some DUN Scripting on the Windoze side. However,
I
>have just monkeyed with a 505 box and there now is auto detection of
>incomming PPP calls done via -s option to getty and a file called
>/etc/gettyacts. This can negate the need for scripting on the Windoze
>side. I don't know if that was available in 504 but it works like a
>charm in 505.
The -s option is in the getty man page in 504 and, to my surprise,
there was already an entry in /etc/gettyacts for the ppp user I have
set up. Perhaps the account manager did this for me, or maybe the
mstppp config?
Thanks for the tip Darryl.
Scott