Dial-Up Networking Call Back

by Johannes Helmig [Published on 14 Nov. 1997 / Last Updated on 14 Nov. 1997]

Setting up a "Dial-In Connection" opens a door for "unwanted visitors", which far too often manage to break in to systems. Setting up passwords gives only a limited protection, because unluckily, a lot of people choose easy-to-remember password (like: the of your wife/children or their birthday).

Security can be largely improved by implementing "Call Back":
once the server has identified the caller, the connection is terminated, and then the server calls you back, re-establishing the connection.

On the RAS server, define for each user in the "Remote Access Admin":

In addition of allowing a user to
"dial-in", define the "Call Back"
option and preset the number,
allowing this user to connect
ONLY from this predefined
number.



Setup of a Windows NT 4 Dial-Up Connection

Select from the "More"-button the "User Preferences:"

You can enter here (optional) the number to be called back, but that would NOT give you the additional security, we have already defined a FIXED call-back number on the server.

we start our connection in the usual method by
dialing from the "Dial-Up Networking Client
to the "Remote Access Server"
Once the server "picks up the phone", the
systems verify the "user-name" and "Password".
The connection is then terminated, and the
"Dial-Up Networking Client" now waits for
the "Remote Access Server" to call back.
Within a few seconds, the return call come in.
The "username " and "password" is verified
again, then the connection is finalized.
Then, you are connected.



Setup of a Windows95 Dial-Up Networking Client

When defining your connection from a Windows95 "Dial-Up Networking" Client, there is no possibility to define a Call-Back option.
However, the functionality is fully supported

You start your connection.
When the server "picks up the phone",
the "user-name" and "password" is
verified, used to identify the caller.
You then get informed about the
"Possibility" for a "call-Back".
However, if the Server enforces
a specific call-back number, you
can only go ahead: OK
The connection is terminated, and
your "Dial-Up Networking" Client
is now waiting for the call-back.
"User-name" and "Password" are
verified again.


You are now connected and can browse the system.

See Also


The Author — Johannes Helmig

Dr.Johannes Helmig is working as Director, Technical Knowledge Management in the Belgium office of Gerber Technology where he is involved in Customer Service and internal training, with special interest in Networking.

Advertisement

Featured Links