Lantronix SLB Lantronix SLB - User Guide - Page 137

8: Device Ports Modem Dialing States This section describes how each modem state that supports sites operates when sites are enabled. Dial In The SLB waits for a peer to call the SLB to establish a text (command line) or PPP connection.  For text connections, the user will be prompted for a login and password, and will be authenticated via the currently enabled authentication methods (Local Users, NIS, LDAP, etc). The site list will be searched for a site that (a) the Login/CHAP Host matches the name that was authenticated, (b) Authentication is set to PAP, and (c) the Port is set to None or matches the port the modem is on. If a matching site is found, the Timeout Logins parameter configured for the site will be used for the rest of the dial-in connection instead of the Timeout Logins parameter configured for the modem. Once authenticated, a CLI session will be initiated, and the user will remain connected to the SLB until they either logout of the CLI session, or (if Timeout Logins is enabled) the CLI session is terminated if it has been idle.  For PPP connections, the user will be authenticated via PAP or CHAP (determined by the Authentication setting for the modem). For PAP, the Local/Remote User list will be used to authenticate the login and password sent by the PPP peer, and the site list will be searched for a site that (a) the Login/CHAP Host matches the name that was authenticated, (b) Authentication is set to PAP, and (c) the Port is set to None or matches the port the modem is on. For CHAP, the site list will be searched for a site that (a) the Login/CHAP Host and CHAP Secret match the name and secret sent in the CHAP Challenge response by the PPP peer, (b) Authentication is set to CHAP, and (c) the Port is set to None or matches the port the modem is on. If the remote peer requests PAP or CHAP authentication from the SLB, the Remote/Dial-out Login and Remote/Dial-out Password configured for the modem (not the site) will be provided as authentication tokens. If a matching site is found, its Negotiate IP Address, NAT, and Modem Timeout parameters will be used for the rest of the dial-in connection instead of the parameters configured for the modem. Once authenticated, a PPP session will be established using either negotiated IP addresses or specific IP addresses (determined by the Negotiate IP Address setting). The PPP connection will stay active until no IP traffic is sent for Modem Timeout seconds. Dial-back The SLB waits for a peer to call the SLB, establishes a text (command line) or PPP connection, authenticates the user, and if the SLB is able to determine a dial-back number to use, hangs up and calls the dial-back number to establish either a text or PPP connection.  For text connections, the user will be prompted for a login and password, and will be authenticated via the currently enabled authentication methods (Local Users, NIS, LDAP, etc). The site list will be searched for a site that (a) the Login/CHAP Host matches the name that was authenticated, (b) Authentication is set to PAP, and (c) the Port is set to None or matches the port the modem is on. If a matching site is found, its Timeout Logins, Dial-back Number, Allow Dial-back, and Dial-back Delay parameters will be used for the rest of the dial-back connection instead of the parameters configured for the modem. Once the remote server is authenticated, if Allow Dialback is enabled for the site and a Dial-back Number is defined, the SLB will hang up and wait Dial-back Delay seconds before initiating the dial-back. The SLB will dial, prompt the user again for a login and password, and a CLI session will be initiated. The user will remain connected to the SLB until they either logout of the CLI session, or (if Timeout Logins is enabled) the CLI session is terminated if it has been idle. SLB - Branch Office Manager User Guide 137