Modem (analog) Dial-in

Modem (analog) dialin involves the following subsystems:

  1. Mgetty: Its purpose is merely to "pick up" the phone when it rings. And set up the serial line. After this, it either invokes /bin/login for direct logins (not used any more, except for tests/troubleshooting) or pppd for Internet dialins.
  2. PPPd: Encapsulates internet traffic (TCP/IP) into serial packets, which can be sent over the modem line to the client. At the beginning of the connection, it authenticates the user. For this two files are checked:
    1. /etc/ppp/pap-secrets is the list of users allowed to login in over modem. Most users are not allowed (such as students), so this must indeed be explicit. /etc/ppp/pap-secrets is a symbolic link to /home/admin/ppp/pap-secrets, and is served to telco1 (where pppd runs) via NFS. Occasionnally, it is needed to remount the /home directory, if after an ltnb0 crash telco1 didn't pick it up automatically.
    2. The password list is supplied via NIS/YP.
    3. PPPd forwards network traffic from the modem line to its final destination, which may either be the local LTNB network, or the internet. In the latter case, traffic is routed via ltnb10.
  3. NFS File Server: Supplies the list of users allowed to dial in.
  4. NIS/YP: Supplies the list of passwords for each user.
ISDN connection are handled much more simply: they use the RAW IP protocol, and are merely authenticated by calling telephone number.

Needed cisco ports

TCP port 80 and 443 from & the dialup IP addresses (158.64.28.161-158.64.28.168).