Re: [SLUG] Modem Pooling

From: Ian C. Blenke (icblenke@nks.net)
Date: Wed Apr 17 2002 - 11:12:18 EDT


On Wed, 2002-04-17 at 09:29, Daniel MacLaren wrote:
> To clarify:
>
> We have a partial T1 for Internet access.
>
> At times we need to dial in to our customers' systems for support or
> testing. Rather than installing a phone line and modem for each computer,
> we were using Winport - which allowed client machines to use the modems on
> the server as local modems (in dial-up networking). In this way, we could
> use either modem to dial any customer.

What software are you using to dial into your customer's systems?
Hyperterm? PCAnywhere? PPP RAS Dialup? The method you are using defines
what you might need to do to share those modems.

> We are setting up VPN's to some of our customers, but that is not always
> an option and will not totally remove the need for modems.

So, you're doing a PPP dialup to dial up and route into their networks
instead of using a VPN? Do any of your customers have the same IP
netblock as you do? (192.168.1.x, etc) If not, you could just make a
dial-on-demand Linux routing box that would bridge your network with
theirs (plus added firewall filtering). If they do have the same
netblock you do, there would be issues.

> > > At work, we have two phone lines with modems that we want to share among
> > > 10-13 people in our office. In the past, we used a product called
> > > Winport, by Lansource, to share these modems, but this setup is no longer
> > > working and Lansource is no longer in business.

Ick. Yeah, I've briefly used this product, and I wasn't happy with it
either.

> > > I've read the "Modem Sharing mini-HOWTO" and setting up the Linux box
> > > won't be a problem. Our problem is that we need a "COM-port redirector for
> > > TCP/IP" for our Windows clients - a program for Windows that can use the
> > > service on the Linux machine as a virtual COM port. The HOWTO recommends
> > > DialOut/IP from http://www.tactical-sw.com, but the information on
> > > licensing appears to be out of date (they want $1700 for 13 seats).

This seems overly silly. Tunnel PPP traffic over a TCP session over your
network to a modem just to make TCP/IP phonecalls. You really might be
able to save yourself some effort merely by making the Linux gateway
make the PPP dialouts directly.

> > > Are there any alternatives to DialOut/IP?
> > >
> >
> > Umm, this is probably a dumb question, but why not just set up a Linux
> > box that shares modems as a gateway? Then the only thing the Windows
> > boxes need to know is the address of the box and maybe the internet
> > nameservers. You can set the Linux box up so that whenever someone
> > requests an internet IP address, the modems dial out.

The potential problems are:

1. Multiple customers are using the same IPV4 private netblock. This is
a common problem. The only real way around it is to use IPV6 natively on
your LAN and use the appropriate prefix to connect to the correct
customer. Alternatively, you can NAT the heck out of it, and assign each
customer a unique static IP block that maps into their IP address space.

2. A customer using the same IPV4 netblock as you do. In this case, the
Linux gateway machine will probably refuse to talk to the remote
netblock aside from the PtP RAS address peer (assuming the PPP dialup
has a lower routing metric).

3. Security. If the PC is dialing out on its own, none of the other
workstations need to see the traffic to/from that client dialup. There
may be a reason why you are not dialing out with a central dialout
gateway. The gateway would offer the ability to put in a firewall
between you and the customer's network, however.

4. The modems may be used for other purposes aside from RAS dialup. Are
you using Hyperterm or another terminal package to connect to serial
asynchronous devices or services? If so, you need a com: port sharing
redirect or a gateway that offers TCP port mappings for each modem
(tip/cu in inetd, for example) or a minicom running in a VNC session (or
some other similar ingenious async terminal solution).

> > I'm probably missing something about this whole thing, so I'll shut up
> > now. ;-}

>From the sound of things, I'm betting they could get by with an IP
routing PPP dialout gateway.

- Ian C. Blenke <icblenke@nks.net> <ian@blenke.com>
http://ian.blenke.com



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:12:51 EDT