Implementing Security with Host Device Dial Out
To authenticate a host device dial out user, configure a host device port with a device service of Telnet and a TCP port number between 10,000 and 10,100. These ports can only be connected to by the NETServer itself, forcing the user to telnet to port 23, the default telnet port, and have the NETServer forward him to the modem. When the user connects to port 23, he or she will be prompted for a user name and password just like a login user. The port setup would look something like this:
set s1 device \dev\network
set s1 service_device telnet 10000 set s1 modem off
save all reset s1
Since such a user will be authenticated, he or she will require a user table entry. Example:
add user Dialer password dialoutpw
set user Dialer host <NETServer IP address> (user’s host is NETServer)
set user Dialer service telnet 10000
To use the modem, the user telnets to the NETServer
telnet <NETServer IP address>
The user will then be prompted for a user name and password. If he or she responds correctly, the user will be connected directly to the modem’s command line.
Note: RADIUS servers have a user type called Outbound User which is defined as a dial out user on the local network. How- ever, because the NETServer defines these users as login users whose host is the NETServer itself, in RADIUS you would configure these users with the user type
