Using and Configuring Features Version 3.3

Using a Dial-In Access to LANs (DIALs) Server

A DIALs Server allows remote users to dial in to a LAN and access the resources of the LAN in the same manner as if they were locally attached with a LAN adapter. Similarly, the DIALs Server also allows LAN-attached users to dial out to WAN resources (such as bulletin boards, FAX machines, Internet Service Providers (ISP) and other on-line services) eliminating the need for an analog phone line and modem on their workstation.

The DIALs Server can be configured for both dial-in and dial-out users simultaneously. The IBM DIALs Dial-In Client runs on the remote workstation and provides the dial-in function. Figure 33 shows an example of a device used as a DIALs Server supporting the dial-in function.

Figure 33. An Example of a DIALs Server Supporting Dial-In

The IBM DIALs Dial-Out Client runs on the network-attached workstation and provides the dial-out function. Figure 34 shows an example of a 2210 used as a DIALs Server supporting the dial-out function.

Figure 34. An Example of a DIALs Server Supporting Dial-Out

Before Using Dial-In-Access

Before using Dial-In Access, you need:

• A workstation running the IBM DIALs Dial-In Client or another PPP dial-in client (referred to as the dial-in client or PPP dial-in client throughout the following sections).

• Completed protocol configurations on the client machine.

• ISDN interfaces, integrated modem interfaces, a null modem interface, or external V.34 modems connected to the WAN ports of the 2210 that you want to use for single user dial-in.

• A fully configured DIALs Server in your LAN.

Configuring Dial-In Access

This section describes how to configure both dial-in and dial-out functions on the DIALs Server. Configuring a client to use dial-in access is described in the documentation associated with the client the workstation uses.

Configuring Dial-In Interfaces

Dial-in interfaces on the 2210 are a special type of dial-circuit. Because most of the settings for a typical dial-circuit are not relevant for single-user dial-in applications, a new device type called dial-in can be added that sets appropriate defaults for the dial-circuit. Adding a dial-in device also sets up the PPP encapsulator configuration defaults that work with the majority of PPP dial-in clients, including the IBM DIALs Dial-In client. These defaults are described in "Dial Circuit Parameter Defaults for Dial-In Interfaces" and "Dial Circuit PPP Encapsulator Parameters for Dial-In Circuits".

Note:

DIALs function can only be enabled on dial-in circuits. Dial-in circuits are only supported when the base net is a V.34 or a ISDN net.

Dial Circuit Parameter Defaults for Dial-In Interfaces

Notes:

1. Do not override the parameters described in this section. Doing so will prevent the dial-in function from operating correctly.

2. Some parameters may not be displayed or configurable. For a complete description of the parameters, see "Configuring and Monitoring Dial Circuits" in the Software User's Guide.

The following defaults are set when you add a dial-in interface:

• Idle time is set to 0. Note that a standard circuit is defined as a circuit where the idle timer has no meaning. It will not be a fixed circuit to automatically dial-out. The only time the circuit will dial-out is if a PPP callback has been negotiated or if Multilink PPP has been enabled on this circuit. See "Shiva Password Authentication Protocol (SPAP)" and "Using the Multilink PPP Protocol" in the Software User's Guide .

• Inbound calls are allowed. Any inbound is setup because PPP dial-in clients do not use the LID exchange implemented by Nways dial-circuits.

• Outbound calls are allowed.

  Note:

  "Outbound" for a dial-in circuit is not the same as a dial-out circuit. See "Before Configuring Dial-Out Interfaces".

• A default destination address is set up for "default_address" This address is added to either the list of V.34 addresses or ISDN addresses. Because these calls are inbound and the only outbound calls will be the result of either a callback or a multilink PPP exchange, the destination address is meaningless. However the address is required for the circuit parameters. Do not delete this address or your circuits will come up disabled.

Dial Circuit PPP Encapsulator Parameters for Dial-In Circuits

The following defaults are set when you add a dial-in interface:

• Authentication is enabled for SPAP, CHAP, and PAP.

• The PPP MRU is set to 1522. This MRU size is needed for the Windows 3.1, OS/2, and DOS versions of the IBM DIALs Dial-In clients. Do not change this setting unless you know you are not using these clients.

• Automatically enables DIALs on the PPP encapsulator. This turns on some of the features important for Dial-In Access to LANs users such as the NetBIOS Control protocol, NetBIOS Frame Control protocol, time remaining, SPAP authentication, callback, LCP identification, and automatic addition and deletion of IP static routes to the client. See "Using Point-to-Point Protocol Interfaces" in Software User's Guide for more information on the DIALs features.

Adding a Dial-In Interface

To add a dial-in interface:

1. Configure a V.34 or ISDN base net on one of the available WAN interfaces of the 2210. See "Using the V.34 Network Interface" and "Using the ISDN Interface" in the Software User's Guide for configuration details.

2. Enter talk 6 to access the Config > prompt.

3. Enter add device dial-in at the Config > prompt to add the dial-in interface. You will be asked how many dial-in circuits to add. This command will create the new nets, report their net numbers, prompt for the base net number and prompt to enable for Multilink PPP.

   Example: Assume the current maximum net is 3 and you want to add 1 dial-in net to the base 2 net.

Figure 35 is an example of defining a dial-in interface.

Figure 35. Adding a Dial-In Interface

Config>add dev dial-in    
Adding device as interface 4                        
Defaulting Data-link protocol to PPP                
Use "net 4" command to configure circuit parameters 
Base net for this circuit [0]? 2
                                                     
Enable as a Multilink PPP link? [no]                
                                                     
Disabled as a Multilink PPP link.
 
Use "set data-link" command to change the data-link  protocol
Use "net " command to configure dial circuit parameters.     
Config>li dev
Ifc 0     Ethernet               CSR  81600, CSR2  80C00, vector 94 
Ifc 1     V.34 Base Net          CSR  81620, CSR2  80D00, vector 93 
Ifc 2     V.34 Base Net          CSR  81640, CSR2  80E00, vector 92 
Ifc 3     PPP Dial-in Circuit                                       
Ifc 4     PPP Dial-in Circuit                                       

Before Configuring Dial-Out Interfaces

Before configuring and using dial-out interfaces on the 2210, you need:

• IBM Nways software with DIALs support loaded on a 2210.

• An external V.34 modem, an integrated modem, or a null modem, , or an ISDN interface if connecting to an available WAN port on the 2210. See "Using the V.34 Network Interface" in the Software User's Guide for configuration information.

• A workstation connected to the LAN that has access to the 2210 DIALs Server.

• Software on the client such as telnet, a telnet redirector or the IBM DIALs Dial-Out clients. IP must be correctly configured on the client in order for the dial-out client to work.

Null Modem Usage

When using a null modem, use D25NM-3 full handshake:

Pin mapping:

1 to 1

1 to 1

2 to 3

3 to 2

4 to 5

5 to 4

6 to 8, 20

8, 20 to 6

7 to 7

7 to 7

Configuring Dial-Out Interfaces

The following steps describe how to configure a dial-out interface on your device.

1. Connect a V.34 modem to the WAN port that you will use as a dial-out interface.

2. Connect to the console of the 2210 DIALs Server.

3. Enter talk 6 at the * prompt.

4. Set up a V.34 interface. See "Using the V.34 Network Interface" in the Software User's Guide for details.

5. Add a dial-out interface using the add device dial-out command. When prompted for the interface, use an available V.34 interface number.

   Notes:

   1. Multiple circuits can be configured on top of a V.34 base net. However, only one circuit can be active at any given time.

   2. The software defines a V.34 address called default_address. Do not delete this address as it is required by dial-out and dial-out will not work without it.

6. Configure the PPP authentication server, if you are using the IBM DIALs Dial-Out client, and add PPP users as described in "PPP Authentication Protocols" in the Software User's Guide. The added PPP users should have dial-out enabled. Dialing out using telnet does not require authentication, therefore do not configure authentication for telnet sessions.

7. Configure the global dial-out parameters using the feature dials command. See the feature command in the Software User's Guide.

   In this environment you can configure the dial-out inactivity timer, the dial-out server name, modem pools, and other parameters.

8. For the IBM DIALs Dial-Out client to work correctly, a SNMP community must be defined with read access granted to all dial-out clients that should be able to use the dial-out server. This is required for the dial-out chooser application to be able to discover dial-out servers on the network. Refer to "SNMP Management" in the Protocol Configuration and Monitoring Reference Volume 1 for information about how to configure a SNMP community.

9. Restart the device.

Configuring Modem Pools

Modem pools are defined as a group of modems which appear to the user as one modem. When the user needs to dial-out, the first available modem in this pool is used. Modem pools are created in the 2210 DIALs Server by defining groups of dial-out interfaces with the same portname. By default, all dial-out interfaces are named "ALL_PORTS" which creates a modem pool. Naming the dial-out interfaces individually enables a user to select a particular modem to dial-out.

To configure a modem pool:

1. Enter talk 6 at the * prompt.

2. Enter net n, where n is the number of the dial-out interface as defined in "Using the V.34 Network Interface" in the Software User's Guide. This action places you in the configuration environment for the interface.

3. Enter encapsulator (see "Configuring and Monitoring Dial Circuits" in the Software User's Guide ) at the Circuit Config> prompt. This action places you in the dial-out configuration environment.

4. Enter set portname at the Dial-out Config> prompt. This action will prompt you for the name of the port (up to 30 characters). If you specify an existing port name, the modem is added to the pool with that name.

5. Restart the 2210.

Before Configuring Global DIALs Parameters

This section describes the global DIALs Server parameters.

Server Provided IP Addresses

The router can be configured to provide an IP address for a dial-in client to use for the duration of its connection. The address the router will assign to the client can be retrieved by 4 different methods. These methods, in order of priority are listed below:

1. User ID

   An IP address can be stored in the PPP user profile for each client. When a client connects and requests an IP address, the router retrieves the address configured in that user's PPP user profile. This allows the user to get the same IP address each time, but requires a unique IP address for every user.

   Use the Config> add ppp-user command to configure an IP address in the PPP user profile.

2. Interface

   An IP address can be stored in the dial-in interface configuration. When a client connects and request an IP address, the router retrieves the address from the interface through which the connection was made. This method requires a unique IP address for each dial-in interface.

   To set the interface IP address:

   • Use the Config> list devices command to display the interface number assigned to the hardware interface.

   • Use the Config> net 'x' command, where 'x' is the configured interface number, to access the command prompt for the interface.

   • Use the PPP Config> set ipcp command to set the interface IP address.

3. Pool

   Blocks of IP addresses can be stored in a IP address pool. When a client connects and requests an address, the router retrieves an address from the pool. When the client disconnects, the address is returned to the pool. This method provides a single location for configuring dial-in client's IP address without the need for an address server.

   Use the DIALs config> add ip-pool command to add a pool of IP addresses.

4. DHCP Proxy

   An IP address can be leased from a DHCP server. When a client connects and requests an address, the router requests an address from the DHCP server on behalf of the client. This method requires a DHCP server be present on the LAN or configured in the router. One DHCP server can provide addresses for clients on multiple routers. See Dynamic Host Configuration Protocol (DHCP) for more information.

   Use the DIALs config> add dhcp-server command to add a DHCP server.

IP Address Assignment Methods

The IP address used by a dial-in client for the duration of the connection may come from 5 different sources. These sources are listed in order of precedence:

1. client provided

2. user id assigned

3. interface assigned

4. address pool

5. DHCP server

When a dial-in client connects, the router steps through these sources until it finds an address or exhausts all sources. If no IP address can be found, IPCP negotiation fails. Any combination of methods may be used.

The default configuration is:

 Client     :  Enabled
 UserID     :  Enabled
 Interface  :  Enabled
 Pool       :  Enabled
 DHCP Proxy :  Disabled    

Dynamic Host Configuration Protocol (DHCP)

The Dynamic Host Configuration Protocol (DHCP) was developed to provide configuration parameters to hosts on a network. Among other configuration parameters, DHCP has a mechanism for allocation of network addresses to hosts.

The Proxy DHCP feature acts as a client on behalf of a dial-in PPP user. This allows the device to obtain an IP address lease for the duration of the dial-in session, or until the lease expires. The IP address that is allocated from the DHCP server is communicated to the dial-in client through PPP IPCP (see "IP Control Protocol" in the Software User's Guide for a description of IPCP). The dial-in client software has no knowledge that DHCP was used to allocate an IP address, and thus requires no DHCP activation of any kind.

Proxy DHCP requires that at least one DHCP server be configured and accessible from the router.

Proxy DHCP requires that the addresses being allocated to dial-in users be within the same subnet of a directly connected LAN. In a typical configuration, this requires enabling proxy ARP subnet routing to allow the router to answer ARP requests to hosts on the local network on behalf of the dial-in clients.

Basic DHCP Setup

The most basic configuration calls for a single DHCP server on the same network as the router, with dial-in addresses to be leased within the same subnet as this LAN.

When the client dials in, a lease for an IP address is obtained from the DHCP server and used in IPCP negotiation with the client.

1. Connect 2210 and DHCP to the same LAN.

2. Configure and start the DHCP server (see your DHCP server's documentation for how to setup your server to lease IP addresses. Remember, the IP addresses to be leased MUST be within a subnet of a directly connected LAN and proxy ARP must be enabled on the 2210).

3. The typical setup for Proxy DHCP disables Client-Specified, Userid, and Interface and Pool IP Address Negotiation options:

   Dials Config>list ip
   DIALs client IP address specification:
   Client : disabled
   UserID : disabled
   Interface : disabled
   DHCP Proxy : enabled
   

4. Add DHCP server (Dials Config> add dhcp 10.0.0.111)

5. Set dial-in client software to Server assigned.

   Notes:

   1. Server assigned configuration varies among different dial-in client implementations.

   2. The client software should not be configured to obtain its address from DHCP. The client should obtain its address by sending an address of 0.0.0.0 to IPCP on the initial configure request.

6. For this setup, let the DHCP GATEWAY ADDRESS default to 0.0.0.0.

Multiple Hops to DHCP Server

The configured DHCP server(s) should be IP addresses which are reachable from the connected router. You should always be able to ping the server from the remote access box.

When the DHCP server is located multiple hops away, the server needs to know an address to reply to, and to indicate which pool to allocate an IP address from. The pool to allocate an IP from is important because the DHCP server could be utilized to serve addresses to a number of subnets and there must be some indication as to which pool of addresses to select from. The DHCP Gateway Address (giaddr) is used for this (the terminology is based on the definition given in RFC 2131). The giaddr must be an address that is local to the 2210, such as the token ring or Ethernet LAN port. Also, since the giaddr is the address which the DHCP server will use to reply, make sure you can ping this address from the DHCP server itself.

Multiple DHCP Servers Network

You can configure multiple DHCP servers for redundancy. When you configure multiple servers, the Proxy DHCP client asks all servers for an address and accepts the first response received. If any of the DHCP servers are more than one hop away, or are connected to a subnet which is not associated with the addresses in its pool, then giaddr must be configured. See "Multiple Hops to DHCP Server".

While there can be more than one DHCP server offering addresses, it is important to not allow the pool of addresses configured at each server to overlap. Further, because there is only one giaddr for the DHCP server to respond to and perform a lookup with, each pool of address must be in the same subnet as each other.

Dynamic Domain Name Server (DDNS)

A Domain Name Server (DNS) maps IP addresses to hostnames and is typically static in nature. Dynamic DNS is a feature that, when used with a DDNS DHCP server and a DNS server, enables DHCP to dynamically update the DNS server with an IP address and hostname mapping. This feature may only be used in conjunction with Proxy DHCP.

When you enable Dynamic DNS on the 2210 and you configure a hostname in the user profile (see "PPP Authentication Protocols" in the Software User's Guide), this hostname is passed as option 81 (DDNS) to the DHCP SERVER. If you configured the DHCP server correctly for DDNS, the DHCP server updates the DDNS server with the IP address that it leased to the router and the hostname that the router sent to it. This allows other users to access the dial-in client through the hostname rather than requiring the client to know the dynamically chosen IP address.