Kudos: Thanks to Ryder Brooks of SCO's technical staff (and the tech support administration) for the time and education that provided the background for this instruction guide.
0. Preparation what you'll need to get PPP dial-in working"Virgin" Unixware 7.1 or 7.1.1 system (a system that hasn't been messed' with in trying to setup incoming PPP). This is the best place to start. If you've tried to setup PPP and have failed, you may need to restore your settings to their default state before proceeding. (Notes on some of those are listed below). If you plan on logging in as root', keep your security level to low or traditional.
Hardware adequate to support your system. Our system is a "white box" AMD K6/2 350 with 3 8GB IDE fixed disks, 1 IDE CD-ROM, 192Mb RAM although we initially installed the system with 1 fixed disk, 1 CD ROM and 64Mb RAM.
The minimum patch list must be installed for Unixware. In addition, patches related to iasy0 (serial communications), ping, ppp should also be installed even if not on the minimum patch list. Ver 7.1.1 includes a number of patches (see TA 110731) to which we added
ptf 7140a: Webtop upgrade to 1.41 ptf7601b inet ptf7602c xvfs ptf7603c fs ptf7608b sd01 ptf7612b ping ptf7613a iasy ptf7616a specfs
(A reboot / kernel re-link is required following most of these patches so this will take a while.)
There is also a patch to the /usr/lib/ppp/psm/ipexec.sh that must be applied for arp (TA110758).
At least one modem attached to the Unixware system. It is also nice to have your modem manual, as sometimes Unixware can't correctly identify your modem (e.g., in our site, a Wisecom 5614 may be identified as a Zoom V.34X and the setup strings aren't the same)
A Windows (95 or later) system from which you can try the settings. Make sure that your modem can dial into another system (e.g., your ISP) before testing this. Make sure that you can log in using ppp telnet access is inconclusive at this point. It may be that your modems are incompatible for running ppp which will give not only false information but also headaches. Make sure that you have installed the current relevant patches for Windows: e.g., Dial up Networking 1.3 (MSDUN13), Internet Explorer 4.02 SP1, etc.
Your skill with Unixware in using a text editor. You may need to edit some files.
------------
Note: Use of the term "Unixware" refers to Unixware 7.1 and later
only. Unixware is a trademark of SCO, Santa Cruz Operations.
Windows is a trademark of Microsoft Corporation.
Limitations: We have set up users to dial in and authenticate via PAP only, PAP and login, login only; we have not set up CHAP authentication. Realizing the danger of assuming, we anticipate that CHAP authentication would be identical to that of PAP with the same rules and limitations.
At this point, your Unixware system should be running with the modem attached and you should be logged in at the console as root.
1. Add User AccountsUsers may log into your system in two ways under Unixware: as authenticating users only, or as Unix users.
Decide now how you want your users to be authenticated and what options you want them to have:
If you want to eliminate all possibility of character logins and are willing to live with "invisible" users, select "Authenticating" users.
If you want to track users and make them visible to the system, if you need character based access to the system, select "Unix" users.
Why is this distinction important?
PPP users can be authenticated by CHAP, PAP, login (Unix names/passwords) or a combination of these. Character-based users are only authenticated by logins. If you require PAP, then all users must authenticate at least by PAP regardless of anything else. You can theoretically require PAP for only some users: the .pppcfg file has sections for global bundle authentication and specific bundle authentication; however, if CHAP or PAP is required for one users, it is required for all.
For the illustration below, we'll set up a "hybrid" system to demonstrate both PAP and login authentication.
To add Unix Users: From the CDE desktop, open System Administration General Account Manager
Click on the leftmost button (the single person with "+") or Users Add
Login: nppp This will be our Unix PPP User's name User ID: #### Comment: ppp user login Netware Login ID: Login Shell: /usr/bin/pppsh You must manually change this from whatever the default is to this Home Directory: /home/nppp Login Group: other You might want to create a new group called "ppp users" via Group Add then assign your ppp users to that login group Login Locale: System Default Click on OK On the Password screen, enter Password: nppp It won't show Confirm: nppp Click on OK
If you want to allow / limit your users to specific systems, you can click Users Remote Access but we'll leave that alone for now.
Exit from the Account Manager
Files you've affected: /etc/passwd; /etc/shadow
Before we begin:
Our configuration is with a Wisecom modem, model FB WS5614ES3KV.
Click on Hardware Modem Manager Your modem should not be displayed, so click on Modem Add Automatic Detection
Detect modems on serial port: 00m or whatever port you're connected to If you select ALL, then Unixware may not find any modems.
Click on Detect, then OK
If it finds your modem: is what is found the correct type you have? If so, great. If not, then configure manually.
If it doesn't find your modem, you must configure it manually.
Manual Configuration: Click on Modem Add Manual Modem Vendor: select the manufacturer Modem Model" select the model Not found? Try vendor = Standard Modem Types Model = Standard 28800 bps Modem Select the port: term/00m Configure port (same screen as below **) Port Type: Com 1 modem Configure Port: Incoming and Outgoing Incoming only may require modification of the /etc/saf/ttymon1/_pmtab file later on. Even if you're not going to dial out, select this one. Speed: 115200 (default) Port Settings: Data 8 (default) Parity None (default) Receive Buffer 8 (default) OK
Check your changes in the /etc/uucp/Devices file:
ACU term/00m,M 115200 Standard_28800_bps_Modem
If your modem is not found or needs additional changes, you'll need to modify the following:
/etc/uucp/default/{name of modem config file} e.g., we want to create a file for Wisecom5614E, so we'll create a file with that name:
cp Zoom_V.34X Wisecom5614E vi Wisecom5614E (edit initialization strings as needed) :wq
create a link between the file you desire and the dialer
ln /usr/lib/uucp/atdialer /etc/uucp/Wisecom5614E
/etc/uucp/Devices
Add a line containing
ACU term/00m,M 115200 {name of link found in /etc/uucp }
If you manually configure your modem in this way, it won't show in the Modem Manager, and you may not be able to modify it except manually.
Check the permissions on your port: should be set to uucp:uucp chown uucp:uucp /dev/term/00m
Manually set up your modem via cu:
#cu -l term/00m You type this Connected ATZ You type this: reset modem OK ATS0=1 You type this: answer on 1 ring OK AT&W You type this: save settings OK ~[hostname]. You type this: exit from cu #
Files affected:
/etc/uucp/Devices /etc/uucp/default/{ } /etc/uucp/{ }3. Identify and install Serial port services
Click Hardware Serial Manager
You should see:
Port Logins Speed Description {icon} term/00m enabled 115200 COM 1 modem
Click on Port Modify and you'll see the same screen as above (**) Verify your settings sometimes if you change the speed or type of port, a change is made in one area but not another.
If you have made changes here, the sacadm and pmadm files make changes to ttymon and place those changes into the _pmtab file. Look at that file to verify your changes:
vi /etc/saf/ttymon1/_pmtab #Version=2 term00m::u:reserved:reserved:login:/dev/term/00m:boPhr:0:auto:60:115200_8N:ldterm,ttcompat:login\ : :::::#
Check the current TAs: If your port is configured as incoming only and your timezone is not Ireland, you'll need to change :auto: to :/usr/bin/shserv: if you want a character login. Keep your port as bi-directional even if you are using it as incoming only.
Field 8 info: b = set bi-directional port flag o = initialize modem / reset via dials(3N) P = ppp flag h = sets hangup flag for ttymon r = wait for data before displaying a prompt c = set connect-on-carrier flag
There should be no need to modify these entries from the default seen above. If, however, you do, then you must then execute the following:
sacadm -k -p ttymon1 ; sacadm -s -p ttymon1
and wait about 3 minutes for the port to reinitialize.
Note: If you have multiple modems, you may find all of your modems controlled with ttymon1. This is normal and acceptable. If you have different types of modems (ACU, ISDN, etc), you must create separate ttymons for each type of modem. For maximum flexibility, each modem would be handled by a separate ttymon.
Files affected:
/etc/saf/ttymon1/_pmtab4. Configure DNS
If you want your users to be able to use your system by name instead of number (e.g., www.yourcompany.com vs. 123.45.67.89) then setup DNS. This is not specifically required for incoming ppp access, it makes life a lot easier. If your system is to be used as an ISP, then you'll need more information than we can provide here. Our system is for dial-in, in-house only and does not function as a router to the internet; therefore, our ip address assignments are private and not routable.
Click on Networking DNS Manager Click on Zones Add Server type: Master Zone Name: {yourcompany.com} Networks: xyz.xyz.xyz Add Start of Authority Person in charge root.{system name}.{yourcompany.com} Leave the rest of the entries at their defaults OK
For now, you can skip the remaining options for the Zone
Click on View Records Add the systems you want your DNS server to know about those on your local / remote network by clicking on Records Add
Hostname: foo IP Addresses: xyz.xyz.xyz.xyz Add Leave the rest of the entries at their defaults for now OK
If you want to add a single alias for this host, you can add it here. Otherwise, you'll need to edit the /etc/hosts file.
If you want to install DHCP, now is a good time to do it. We didn't.
If you want to route packets through your Unixware system to the internet, enter the following at the prompt
inconfig ipforwarding 1
Otherwise, your users will get to your system, see your web page and stay there.
5. Configure Dialin Services ManagerClick on Networking Dialin Services Manager
You should see a number of configured services on your system. Look for this one:
Type Device acu Any standard shell server
Click on Services Modify to verify this entry:
Service: data over modem Device: Any you can limit this to a single port if desired Service path: standard shell server an option here is for ppp it will work fine if you leave it alone. Phone number: any phone OK
Files affected:
/etc/ics/Callservices
You may have already been here if your Unixware system is part of a ethernet network. Click on Networking Network Configuration Manager
After a delay, you'll see your ethernet / wired network information. Click on View WAN.
You should see:
Iasy0 COM1 modem (BIDIRECTIONAL)
Click on Software Configure PPP (This is the heart of the ppp configuration and the area where the most problems / pitfalls occur.)
Do not use the Wizard. Instead, click on View Bundles
>>>Creation of a PAP only bundle Click on Edit Add Bundle name: in_pap Enabled: yes Type: incoming Options: Incoming Users: Auto-detect PPP session Yes This will listen on the line for ppp packets. This also requires some kind of authentication. Authentication: Edit Allow any valid authentication entry yes (Users may appear as "available" do not select them) If you select no to this question, then you may select individual users to allow in. OK
This will place a "*" for the Authentication Name:
Login Name: greyed out. Leave blank. Caller ID: leave blank Link Devices: Select COM1 ACU Incoming Authentication: Select PAP Override name for transmitted: leave blank Override name for received: leave blank Time allowable: 60 Network Protocol: Select IP Edit Options: IP Local address assignment: by local and remote cannot override Local address: xyz.xyz.xyz.xyz IP address of your Unixware system NOTE: this should be the actual address of your Unixware system, although you may assign an additional IP for your Unixware system to handle this ppp connection Remote address assign: by local and remote cannot override Remote address: xyz.xyz.xyz.xyz IP address of your dial-in system. This may or may not be its actual address, but for the ppp connection, this is the address. NOTE: if you assign an address that refers to an existing in-house system, that machine may find itself "locked out" of your internal TCP/IP network. It is safer to assign a dummy address for the remote (e.g., 192.168.0.79) to protect your internal addresses. Use as default route: No If you answer Yes, you're telling Unixware to use the incoming system as the route instead of the existing LAN. Act as a gateway: Yes Act as proxy for ARP: No Network Mask: xyz.xyz.xyz.xyz OK Options: Filters Bring up filter: bringup Keep up filter: keepup Pass in filter: blank Pass out filter: blank Advanced Options: VJ compression (Header compression in Win 98) Use VJ Compression: Yes Use slot compression: No Number of available slots: 16 Advanced Options: DNS Advertise DNS addresses: supplied addresses Advertised primary DNS: xyz.xyz.xyz.xyz Address of your Unixware system acting as DNS master Advertised secondary DNS: blank unless you have one Get address of DNS servers: Yes Advanced Advanced: (leave at default values) Advanced Options: Link Protocols CCP available none selected Advanced Options: Multilink (leave at default values) Advanced Options: Advanced (leave at default values) Advanced Options: Bandwidth (leave at default values) OK
You should now see:
+ in_pap (authentication name *) double click on the + to see - in_pap (authentication name *) IP (local: xyz.xyz.xyz.xyz)(remote: xyz.xyz.xyz.xyz)(gateway) COM1 (node: /dev/term/00m)(type: ACU) >>>Creation of a Unix Login bundle This will also require PAP authentication Click on Edit Add Bundle name: incoming Enabled: yes Type: incoming Options: Incoming Users: Auto-detect PPP session No Authentication: leave blank Allow any valid authentication entry no (Users may appear as "available": do not select them) If you select no to this question, then you may select individual users to allow in. OK Login User Name: Edit Allow any PPP user: Yes A list of unix ppp users will show as available. Do not select them. OK This will place a "*" next to Login User Name Caller ID: leave blank Link Devices: Select COM1 ACU Incoming Authentication: Select NONE -------------------------------- NOTE: If you go back and check Incoming Authentication for your in_pap bundle, it will have changed to NONE because the GUI apparently only reads the last setup for Incoming Authentication in RAM rather than in the file. Because of this, check your /etc/ppp.d/.pppcfg file: global bundle { requirepap = enabled should require PAP on all incoming calls bundle in_pap { requirepap = enabled this is required bundle incoming { requirepap = disabled this allows unix users to dial in and ask for ppp
When you check Incoming Authentication, you'll see the state selected for whatever one was last selected. When the file is written, the setting may not be correct; therefore, check the .pppcfg file. If necessary to make changes, see section 10 8.
Override name for transmitted: leave blank Override name for received: leave blank Time allowable: 60 Network Protocol: Select IP Edit Options: IP Local address assignment: by local and remote cannot override Local address: xyz.xyz.xyz.xyz IP address of your Unixware system Remote address assign: by local and remote cannot override Remote address: xyz.xyz.xyz.xyz IP address of your dial-in system. This may or may not be its actual address, but for the ppp connection, this is the address. Use as default route: No If you answer Yes, you're telling Unixware to use the incoming system as the route instead of the existing LAN. Act as a gateway: Yes Act as proxy for ARP: No Network Mask: xyz.xyz.xyz.xyz OK Options: Filters Bring up filter: bringup Keep up filter: keepup Pass in filter: blank Pass out filter: blank Advanced Options: VJ compression (Header compression in Win 98) Use VJ Compression: Yes Use slot compression: No Number of available slots: 16 Advanced Options: DNS Advertise DNS addresses: supplied addresses Advertised primary DNS: xyz.xyz.xyz.xyz Address of your Unixware system acting as DNS master Advertised secondary DNS: blank unless you have one Get address of DNS servers: Yes Advanced Advanced: (leave at default values) Advanced Options: Link Protocols CCP available none selected Advanced Options: Multilink (leave at default values) Advanced Options: Advanced (leave at default values) Advanced Options: Bandwidth (leave at default values) OK You should now see: + incoming (login *) double click on the + to see - incoming (login *) IP (local: xyz.xyz.xyz.xyz)(remote: xyz.xyz.xyz.xyz)(gateway) COM1 (node: /dev/term/00m)(type: ACU)
Now add your PAP secret for each user you give login priviledges to: Create a PAP only user:
Click on View Authentication Edit Add Name: ppp1 Enable CHAP secrets: no Enable PAP secrets: yes this defines the user as needing PAP authentication Enable login password: no this defines the user as a non-unix user Secrets: PAP Local password: ppp1 or whatever you want Remote password: leave blank OK OK Add PAP to Unix User Select user nppp created above Click on Edit Modify Enable CHAP secrets: no Enable PAP secrets: yes Enable login password: yes Secrets: PAP Local password: nppp this must be the same as the login password: Windows only has a place for a single password, so CHAP, PAP and login password must all be the same. OK Create a new Unix user Click on Edit Add Name: {enter a login name here} Enable CHAP secrets: no Enable PAP secrets: yes Enable login password: yes Secrets: PAP Local password: {password} this must be the same as the login password: Windows only has a place for a single password, so CHAP, PAP and login password must all be the same. Secrets: login Enter password: {password} Confirm password: {password} OK This makes an entry into /etc/passwd
Files affected:
/etc/ppp.d/.pppcfg /etc/passwd /etc/shadow
Now is a good time to shutdown and restart the Unixware System, so that your settings are clean.
7. Setting up debugging for the system?Add debugging to the pppd by
#ps e | grep pppd xyz TS 70 pts/0 0 00 pppd xyz is the process id number #kill 9 xyz #pppd d 6
To make this permanent, edit the /etc/rc2.d/S71ppp file and modify the line
$PPPD -d 6 ^^^^^ new
Debugging log is /var/adm/log/ppp.log
If the login fails due to lack of secrets, check in step 6 above.
If the login succeeds, but you can't ping or get your browser going, it may be a Windows / Modem issue.
8. Configure the Windows 9x / NT / 2000 system for dial-outSet up a new dialup networking connection with the following parameters:
Login to network: no yes will also work. Enable Software compression: yes (remainder of options) no you may want to create a log of the session Server Types: NetBEUI no IPX/SPX no TCP/IP yes TCP/IP settings Server assigned IP address Server assigned name server addresses Use Header compression yes Use default gateway yes
If you are using only PAP authentication and you are not a Unix user, you can jump to step 9.
If you are a Unix user, you must create / modify a login script because Unixware can't detect that you want ppp when you call in:
Click on Scripting Tab Click on Browse Select pppmenu.scp Click on Edit Make the following changes: ; ; Login to my system proc main integer nTries = 3 string szLogin = login:" integer nLoginTimeout = 3 string szPW = password:" integer nPWTimeout = 3 boolean bUseSlip = FALSE ; ----------------------------------------------------- ; Delay for 1 second delay 1 transmit ^M^M" ; Attempt to login at most 'nTries' times while 0 < nTries do ; Wait for the login prompt before entering waitfor szLogin then DoLogin until nLoginTimeout TryAgain: transmit ^M" ; ping nTries = nTries - 1 endwhile goto BailOut DoLogin: ; Enter user ID transmit $USERID, raw transmit ^M" ; Wait for the password prompt waitfor szPW until nPWTimeout if FALSE == $SUCCESS then goto TryAgain endif ; Send the password transmit $PASSWORD, raw transmit ^M" ; Wait for the prompt waitfor szPrompt transmit szConnect if bUseSlip then set ipaddr getip 2 endif goto Done BailOut: ; Something isn't responding. Halt the script ; and let the user handle it manually. set screen keyboard on halt Done: endproc
Yes, you can remove any lines beginning with ";" to make the script smaller. File Save As and use the name ppp.scp
Now browse and select ppp.scp for your login script.
9. Test the ConnectionWith your modem on and ready to receive on the Unixware system, dial in from your Windows machine.
If you are using the PAP only user, enter the name ppp1' and the password password' in the dialup networking dialog box. Do not open a terminal screen to see what is happening you won't get in. Unixware is supposed to autodetect ppp under this setup and a terminal screen doesn't send ppp packets.
If you are using the unix PAP login with a script, you can use a terminal screen to login manually and verify that ppp packets are being transmitted. You can also press F7 to continue and let the script log in and see what happens.
10. Troubleshooting, or "Take 2 aspirin and call me in the morning"There are hundreds of settings possible and some cascade into multiple levels of errors. To help out with troubleshooting, examine these areas:
UNIXWARE ISSUES
sacadm k p ttymon1 ; sacadm s p ttymon1
cat /etc/ppp.d/.pppcfg | ppptalk ppptalk saveand if the settings conflict within the file, don't blame us or SCO they tell us not to change the file manually.
cd / pkgchk -fv all initprivIf this doesn't handle the errors, the next command will sync the security databases with the files:
/etc/security/tools/setpriv -x
Publish your articles, comments, book reviews or opinions here!
© April 2000 Terry L. Calvert, Calvert Computer Systems, Inc. All rights reservedGot something to add? Send me email.
More Articles by Terry L. Calvert © 2011-07-08 Terry L. Calvert
Actually I made up the term "object-oriented", and I can tell you I did not have C++ in mind. (Alan Kay)
Printer Friendly Version
Unixware 7 Incoming PPP Copyright © April 2000 Terry L. Calvert
Have you tried Searching this site?
This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.
Contact us
Printer Friendly Version