Hi guys,
My ISP, 7star, uses cyberoam client to authenticate its users. I was happily using linc-daemon to authenticate to my ISP's server. As fate would have it he upgraded it. Now it uses Cyberoam version 6.5.0.5. linc-daemon is unable to login :(. It does say "login sucessfull" but I am unable to connect to any websites. The same configuration was working fine before he upgraded. He wasn't very co-operative the last time I had enquired about getting his connection working on Linux. Plus he has this weird idea that Linux is a "hacker" (or cracker) OS. I am 100% sure that the configuration is correct. Nevertheless I tried I tried the client which is distributed by cyberoam. It doesn't work either. It says "You have successfully logged into xxx.xxx.xxx.xxx" yet I can't connect to websites. It just get stuck after name resolution. As I said earlier I am 100% sure that there is no configuration problem. It is definitely due to some misconfiguration on the ISP's side or the protocol isn't supported by linc-daemon.
Any help, suggestions are HIGHLY appreciated. I can't live without internet on Linux :(
Regards
Dinesh Joshi
P.S.: Apologies if the formatting isn't ok on the email. I am stuck with Outlook Express and Windows...:(
On 7/29/05, Dinesh Joshi dinesh.a.joshi@gmail.com wrote:
Hi guys,
My ISP, 7star, uses cyberoam client to authenticate its users. I was happily using linc-daemon to authenticate to my ISP's server. As fate would have it he upgraded it. Now it uses Cyberoam version 6.5.0.5. linc-daemon is unable to login :(. It does say "login sucessfull" but I am unable to connect to any websites. The same configuration was working fine before he upgraded. He wasn't very co-operative the last time I had enquired about getting his connection working on Linux. Plus he has this weird idea that Linux is a "hacker" (or cracker) OS. I am 100% sure that the configuration is correct. Nevertheless I tried I tried the client which is distributed by cyberoam. It doesn't work either. It says "You have successfully logged into xxx.xxx.xxx.xxx" yet I can't connect to websites. It just get stuck after name resolution. As I said earlier I am 100% sure that there is no configuration problem. It is definitely due to some misconfiguration on the ISP's side or the protocol isn't supported by linc-daemon.
Mail this to rikin@elitecore.com , support guy at cyberoam. He might help you.
Any help, suggestions are HIGHLY appreciated. I can't live without internet on Linux :(
Regards
Dinesh Joshi
P.S.: Apologies if the formatting isn't ok on the email. I am stuck with Outlook Express and Windows...:(
From: "Rohit Baisakhiya" rohitbaisakhiya@gmail.com
Mail this to rikin@elitecore.com , support guy at cyberoam. He might help
you.
Thanks. I emailed them.
Regards Dinesh
On 8/1/05, Dinesh Joshi dinesh.a.joshi@gmail.com wrote:
From: "Rohit Baisakhiya" rohitbaisakhiya@gmail.com
Mail this to rikin@elitecore.com , support guy at cyberoam. He might help
you.
Thanks. I emailed them.
Regards Dinesh
Do share his reply with me - I have the same problem.
Thanks,
Sujeet
On Tuesday 02 August 2005 03:25, Sujeet Bhatt wrote:
Do share his reply with me - I have the same problem.
I havent received any reply from him as of yet. But I am now able to browse the internet using linux. My ISP again "upgraded" his server to cyberoam v6.5.0.3. Only God knows what he is doing :@
I am using linc-daemon and it works fine. I will let you know what transpires ;)
Regards.
On Tuesday 02 August 2005 08:17, Sujeet Bhatt wrote:
Can you tell me how linc-daemon works exactly? I have never used it.
Thanks in advance,
Sujeet
Dejavu :P. It seems just yesterday that Philip Tellis was tutoring me on how to use linc-daemon. I didnt thank him for his wonderful post. Anyway, its better to be late than never. Thanks Philip :)
Here is his original post:
On Wed Feb 18 17:04:30 IST 2004, Philip S Tellis wrote:
I'm not sure about the rpm, I installed from source, but it should be the same. If my instructions don't work, then give me the output of rpm -q linc-daemon
Instructions:
After installing, you should have the following files:
/usr/bin/linc /etc/lincrc
if you do not have /etc/lincrc, then create it using the command:
touch /etc/lincrc
now, edit this file:
vi /etc/lincrc
My file looks like this:
# Config file for linc cablenet client srvaddr = 172.16.1.1 srvport = 6060 username = tellis password = xxxxxxxxxxx hwaddr = 00:E0:4C:00:03:42
you should change the settings to whatever your operator gives you. hwaddr is specific to your machine, you can use the ifconfig utility to find out:
/sbin/ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:4C:00:03:42 ^^^^^^^^^^^^^^^^^
next, you'll need to configure your resolv.conf file to use the dns server that your ISP gives you.
finally, I've attached a linc startup script to this mail. You should copy it to /etc/init.d and run the following commands:
chmod +x /etc/init.d/linc chkconfig --add linc chkconfig linc on
This will ensure that linc connects to the net when your machine boots up. To start linc immediately, run the following command:
/etc/init.d/linc start
to stop linc, run:
/etc/init.d/linc stop
other options can be got by running
/etc/init.d/linc
NOTES:
before you do anything, try and understand how things work. man linc man lincrc will explain a lot
You can also start linc by just running the linc program. This will start linc on the current console, but in the background. You will have to send it signals using the kill command, which IMO isn't very user friendly.
Subscribing to the linc-user's mailing list (on sourceforge) can help.
Philip
This may be a little off topic, but can some explain how cyberroam is able to block ur net connection until u sign in thru their client.
Sometime Today, AMR cobbled together some glyphs to say:
This may be a little off topic, but can some explain how cyberroam is able to block ur net connection until u sign in thru their client.
Their client contacts their gateway with your login credentials. This includes your MAC address and IP address. When this happens, the gateway enables routing for your MAC/IP pair.
On Saturday 06 August 2005 21:48, Philip Tellis wrote:
Their client contacts their gateway with your login credentials. This includes your MAC address and IP address. When this happens, the gateway enables routing for your MAC/IP pair.
I am not so sure about this because AFAIK cyberoam client only uses your MAC to authenticate. The server checks the MAC / IP combo with its records and enables routing for _only_ your IP and not MAC / IP pair. Since if it were enabling routing on the basis of MAC / IP pair then I wouldn't be able to use my connection as my MAC is totally different from what my ISP has bound my connection with. And I don't spoof my MAC. linc-daemon sends the expected mac while cyberoam client actually finds out the MAC through API calls.
Dinesh Joshi wrote:
I am not so sure about this because AFAIK cyberoam client only uses your MAC to authenticate. The server checks the MAC / IP combo with its records and enables routing for _only_ your IP and not MAC / IP pair. Since if it were enabling routing on the basis of MAC / IP pair then I wouldn't be able to use my connection as my MAC is totally different from what my ISP has bound my connection with. And I don't spoof my MAC. linc-daemon sends the expected mac while cyberoam client actually finds out the MAC through API calls.
My customer uses cyberoam 24x7 client for login and when I replaced his nic, I had to call them up to reset my mac address. Login not only checks the physical paramaters like ip and mac but also the username and password. Once password is authenticated, your user id is checked for account status and after all clear, your gateway route is active.
Regards,
Rony.
___________________________________________________________ How much free photo storage do you get? Store your holiday snaps for FREE with Yahoo! Photos http://uk.photos.yahoo.com
On Sunday 07 August 2005 17:11, Rony Bill wrote:
My customer uses cyberoam 24x7 client for login and when I replaced his nic, I had to call them up to reset my mac address. Login not only checks the physical paramaters like ip and mac but also the username and password. Once password is authenticated, your user id is checked for account status and after all clear, your gateway route is active.
Yes. But for the linux client i.e. linc-daemon there is no need to contact the ISP and ask them to reset the MAC. The client sends whatever MAC you tell it to in the login packet. As for windoze clients, well newer NICs have an option to specify the network address. You put in your old NIC's MAC in there and you're set ;)
On 08/08/05 23:53 +0000, Dinesh Joshi wrote:
On Sunday 07 August 2005 17:11, Rony Bill wrote:
My customer uses cyberoam 24x7 client for login and when I replaced his nic, I had to call them up to reset my mac address. Login not only checks the physical paramaters like ip and mac but also the username and password. Once password is authenticated, your user id is checked for account status and after all clear, your gateway route is active.
Yes. But for the linux client i.e. linc-daemon there is no need to contact the ISP and ask them to reset the MAC. The client sends whatever MAC you tell it to in the login packet. As for windoze clients, well newer NICs have an option to specify the network address. You put in your old NIC's MAC in there and you're set ;)
Hmmm, this was possible for quite a few years. I remember seeing this option in Windows 95.
Devdas bhagat
On Monday 08 August 2005 21:06, Devdas Bhagat wrote:
Hmmm, this was possible for quite a few years. I remember seeing this option in Windows 95.
May be the NIC that I had didn't have that option. I was using RTL8029 PCI while the newer ones i.e. RTL8139 PCI have that option...
On Saturday 06 August 2005 20:09, Anand M R wrote:
This may be a little off topic, but can some explain how cyberroam is able to block ur net connection until u sign in thru their client.
simple. the server doesn't route your packets until it receives a specifically encrypted packet from you. Thats why you can ping the server without signing in but you can't go any further ;)
-
Anand M R -
Devdas Bhagat -
Dinesh Joshi -
Philip Tellis -
Rohit Baisakhiya -
Rony Bill -
Sujeet Bhatt