RADPPPD

pppd with RADIUS authentication and accounting support (FreeBSD port only).
Added support for CBCP (server side).

Install mgetty.

Install it from the package mgetty-1.1.30.12.16_4.tgz and answer the questions asked during installation. The critical questions are the following:

a) connection speed on the ports - 115200
b) connection port - cuaa0 to start with
c) data-only - yes

In /usr/local/etc/mgetty+sendfax/ edit login.config.
Skip all the comments.
Here is the required line:

/AutoPPP/ - a_ppp /usr/sbin/radpppd auth radius +pap -chap debug

Leave the rest as is.

Edit mgetty.config: comment out the first line, since we will be working with more than just this port. All the other settings can also be changed here.

#port cuaa0
debug 4
fax-id 00 00 000000
speed 115200
direct NO
blocking NO
port-owner uucp
port-group uucp
port-mode 0660
toggle-dtr YES
toggle-dtr-waittime 500
data-only YES
fax-only NO
modem-type auto
init-chat "" ATS0=0Q0&D3&C1 OK
modem-check-time 3600
rings 1
answer-chat "" ATA CONNECT \c \r
answer-chat-timeout 80
autobauding NO
ringback NO
ringback-time 30
ignore-carrier false
issue-file /etc/issue
prompt-waittime 500
login-prompt @!login: 
login-time 240
diskspace 1024
notify faxadmin
fax-owner uucp
fax-group modem
fax-mode 0660

radpppd

1. If the FreeBSD version is less than 3.0, install libradius from FreeBSD 3.X.
2. Install radpppd.
3. Add the following options:

      radius            - use radius authentication
                          NOTE: in this case user's password in
                              /etc/ppp/pap-secrets won't be checked.
      require-pap
      cbcp              - enable CBCP negotiation in LCP (server side),
                          works with the 'radius' option only.
      nocbcp            - disable CBCP negotiation in LCP (server side).
      cbcp-max-digits # - maximum digits allowed in phone number (default 7).


4. Install any RADIUS server.
5. Edit /etc/radius.conf

Features:
1. Accepts the following a/v pairs from the RADIUS server:

  1. Framed-IP-Address
  2. Session-Timeout
  3. Filter-Id (see below)
  4. Callback-Number
  5. Ascend-CBCP-Mode (see cbcp.h)

2. Sends the following a/v pairs to the RADIUS accounting server:

  1. NAS-IP-Address
  2. Service-Type
  3. Framed-Protocol
  4. Framed-IP-Address
  5. NAS-Port (ppp unit interface number)
  6. Session-Time
  7. Input-Octets
  8. Output-Octets
  9. Input-Packets
  10. Output-Packets

3. Records the user's login in /var/run/pppdutmp.

Working with filters:
See the pass-filter option in the man page.
Filters are defined in /etc/ppp/filters.
Format of /etc/ppp/filters:

Filter-Id     filter  #Comments
#Comments


Example
/etc/ppp/filters:

mail "udp port domain or tcp port smtp or tcp port auth or tcp port pop3"
mailnews "udp port domain or tcp port smtp or tcp port auth or tcp port pop3 or tcp port nntp"
proxy "(udp port domain or tcp port 3128) and net 10.0.0.0/24"
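
A check for the filters file described above, as an added example that is not part of radpppd or of the original text: it parses the "Filter-Id filter #Comments" format and reports malformed lines, duplicate Filter-Ids, and Filter-Id values assigned in RADIUS that have no definition in the file. Shell-style quoting, the sample file contents and the function names are assumptions.

```python
import shlex

# Constructed sample in the /etc/ppp/filters format shown above.
# Quoting rules are assumed to be shell-like (not confirmed for radpppd).
SAMPLE_FILTERS = '''\
# mail-only dial-up profile
mail "udp port domain or tcp port smtp or tcp port auth or tcp port pop3"
proxy "(udp port domain or tcp port 3128) and net 10.0.0.0/24"  # proxy users
mail "tcp port smtp"
broken "udp port domain
'''


def parse_filters(text):
    """Return ({Filter-Id: expression}, [(line_no, problem)])."""
    filters, problems = {}, []
    for no, line in enumerate(text.splitlines(), 1):
        try:
            # comments=True drops '#...' outside quotes; quotes keep the
            # filter expression together as one field.
            fields = shlex.split(line, comments=True)
        except ValueError as exc:  # e.g. unterminated quote
            problems.append((no, f"unparsable line: {exc}"))
            continue
        if not fields:  # blank or comment-only line
            continue
        if len(fields) != 2:
            problems.append((no, 'expected: Filter-Id "filter"'))
            continue
        fid, expr = fields
        if fid in filters:  # keep the first definition, report the rest
            problems.append((no, f"duplicate Filter-Id {fid!r}"))
            continue
        filters[fid] = expr
    return filters, problems


def undefined_filter_ids(filters, ids_in_radius):
    """Filter-Id values assigned in RADIUS that have no local definition."""
    return sorted(set(ids_in_radius) - set(filters))


if __name__ == "__main__":
    defined, issues = parse_filters(SAMPLE_FILTERS)
    for no, msg in issues:
        print(f"line {no}: {msg}")
    # Constructed list of Filter-Id values taken from RADIUS user profiles.
    print("undefined:", undefined_filter_ids(defined, ["mail", "mailnews"]))
```

Run it against the real file and the Filter-Id values in the RADIUS user profiles before putting either into service, so that a mistyped Filter-Id is caught in review and not on a live session.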


Callback:
Edit the options file and add a chat.cb file.
/etc/ppp/options:

crtscts
modem
auth
radius
noipx
require-pap
refuse-chap
asyncmap 0
cbcp
#cbcp-max-digits 7

/etc/ppp/chat.cb

ABORT "NO CARRIER"
ABORT "NO DIALTONE"
ABORT "ERROR"
ABORT "NO ANSWER"
ABORT "BUSY"
"" AT
OK ATH1
OK ATH0
OK ATDT\T
CONNECT




Ukraine, Donetsk
Eugene N. Drachenko
geka@inep.net