Skip Maine state header navigation

Agencies | Online Services | Help

Skip First Level Navigation | Skip All Navigation

Home > Remote Access > IPRS Online Documentation

IPRS Online Documentation

1. What is IPRS?

IPRS (Internet Protocol Routing Service) is a dial-up network offering provided by Verizon. Verizon owns and manages Cisco routers with high-density modem cards installed, and uses L2TP (Layer 2 Tunneling Protocol) to transfer the incoming serial connection to the State's high-speed ATM backbone connection, then to a State-owned Cisco router.

2. New in V.102302

a. autocf and logon1 functions
The autocf and logon1 functions are now documented.

b. ADA compliant
The initial telephone number selection screen has changed to accommodate ADA functionality.

c. Exception processing
Exception processing now correctly displays screens described below.

d. Temporary files
The temporary .log files are now stored in the IPRS directory, so that users do not need administrative rights to execute IPRS in XP.

3. How to connect manually with any operating system
a. Traditional dialup
NOTE: the manual method should only be used for troubleshooting Windows machines, or for access with non-Windows operating systems. Use IPRS.EXE for normal connections. Initiate a dial-up (PPP) session to the correct IPRS number. If dialing from within the State of Maine AND the dialing number is serviced by Verizon, call "1-500-699-1800". If outside the State of Maine or serviced by an independent telephone company, then call "1-800-734-7564. (Configure: TCP/IP protocol only; do NOT log on to server or domain; do NOT use area code/dialing properties; and do NOT use terminal window before/after dialing. The UserID and Password MUST be "ccshiva".)

b. Telnet session for authentication
Once the dial-up session is established, telnet to 10.254.254.254. In the Windows operating systems, click "Start", then "Run", then type: "telnet 10.254.254.254". When connected, IPRS will prompt for "Username:". This is the UserID supplied with the SecurID card, followed by the enter key. Next IPRS will prompt for "Password". This is the SecurID Passcode (PIN and displayed number). If the sequence is correct, the telnet session will be disconnected. In Windows, telnet then displays a box saying "Connection to host lost". This actually means that the authentication was successful. "PASSCODE Accepted" will be visible on the Telnet screen.

If the UserID/Passcode sequence is incorrect, the process will repeat. If three in a row are incorrect, the Telnet session will disconnect. The system will remain connected to the Cisco router, but will not be able to do anything except connect using telnet to the above address. The dial-up session must be terminated manually.

4. How to use the automated setup and dialup scripts
a. What operating systems are supported
Network Services provides an automated setup script and a dialup script. These scripts will work on W95(all versions), W98 (all versions), NT4, Millenium, W2K, and XP.

b. Downloading the software
IPRS is available at http://www.maine.gov/oit/remote. The executable is named iprsmmdd.exe, where mm is the month, and dd is the day the zip file was compiled. Either download the file, or run it from the inet server. It will unzip to the default directory of "c:\program files\iprs". While it is not necessary to use the default directory, it is easier for support staff if this directory is used.

c. Running setup.exe
Close all applications, then run "setup.exe" from the c:\program files\iprs directory. It will create a dial-up entry (just like the manual process previously discussed), then a shortcut on the desktop. Users will see dial-up networking screens flash by as the setup executes, and will be prompted to select a modem if more than one modem is configured. With Windows 2000/XP systems, users should reboot before using the shortcut.

"Setup.exe" can be rerun at any time (and should be re-run, should it terminate abnormally). It should not cause any problems with any system, and will co-exist with any other dial-up services. If Windows XP fails on the setup, manually create the "iprs" dialup connector, then rerun.

d. Executing IPRS.EXE
Once setup is finished, or a dialup connector named "iprs" (must be lower case) has been configured manually, double-click the "IPRS" shortcut. The following screen will be displayed:

IPRS Screen

If "Other" is chosen, then the user will see the following screen:

IPRS Screen

Change the number as appropriate. This feature is provided to allow dial-up from hotels, businesses, etc. W95 users will see a traditional dialup screen connecting them to IPRS; other Windows users will see:

IPRS Screen

Once connected, a few background screens will flash, then the user will see:

IRPS Screen

Enter the SecurID userid, then:

IPRS Screen

Enter the passcode; normally, the following will display for a few seconds:

4a. Normal connection

IPRS Screen

If the correct SecurID userid and passcode are used, then the following screen will display for 5 seconds (or until the user presses a key):

IPRS Screen

The user is now connected to the network, and can use any network application.

If the SecurID userid and passcode are incorrect, then the userid/passcode sequence will repeat. If the SecurID card is out of sync, the following screen will be displayed:

IPRS Screen

4. How to login to network domains/file servers

NT_Logon.exe (included in IPRS distributions dated 04/20/01 or later) will allow access to NT or W2K domains/servers. For W95/W98 client machines, it runs "NTWKLOG.EXE" which authenticates the user to the domain/server resource, then runs W2KMAP.bat. The batch file must be customized for an agency's specific needs: the file contains a sample "net use ... " statement to map drives. Alternatively, the batch file could call pre-existing agency-specific routines. For NT/W2K client machines, the program automatically modifies a registry entry to make RAS connections persistent, then issues a standard user logoff/logon. This will log the user into the domain/file server with all resources normally attached.

Novell users can use the existing Novell Logon from the Novell menu selections.

The IPRS.CFG line "logon1=no" can be changed to "logon1=yes" to automate this function.

5. Technical support

a. IPRS.CFG file
IPRS.CFG contains variable data which is passed to the IPRS program. Among the variables are the phone numbers used (the order can be changed, and the displays within IPRS will change accordingly), the authentication server address, and the logo used on the IPRS screens. Some variables can be customized for special purposes as described in this document.

b. IPRS.LOG file
IPRS.LOG is a copy of all transactions occuring with Telnet, and is used by the IPRS program to make decisions about how to proceed. At the end of the process, all transactions are written to this file. If a user is having problems with the authentication process, this file provides detail as to what has occurred.

c. S.LOG and Z.LOG files
S.LOG and Z.LOG are temporary log files used to create IPRS.LOG. This files are deleted automatically, and normally are not available to the user.

d. autocf=yes
The "autocf=yes" function reconfigures the IPRS session to known working conditions. If special settings are required, change this option to read "autocf=no".

c. Known problems

  • Using iprs.exe when connected to a network can produce unexpected errors. We recommend that technicians "logoff" the network, then disconnect the network cable in order to test the dialup functionality.
  • Under some conditions, such as a busy signal, IPRS.EXE will take up to a minute to time out. At this writing, there is no way to use a cancel key to force the time-out process.