RE: ISA VPN Security

Tom,
 
Thanks for the information. I will implement L2TP/IPSec. Seems the only
way.
 
Mark
 
 
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Sent: Wednesday, January 29, 2003 8:54 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA VPN Security



http://www.ISAserver.org


Hi Mark,
 
If the machine is a member of the domain, the user can log on with local
or domain credentials. I'm betting that you are logging in with an admin
account. Just make sure your VPN user passwords meet complexity
requirements and you'll be in good shape. Of course, you can implement
L2TP/IPSec and use user certificate authentication :-)  
 
HTH,
Tom
 
 
Thomas W Shinder
 <http://www.isaserver.org/shinder> www.isaserver.org/shinder 
ISA Server and Beyond:  <http://tinyurl.com/1jq1>
http://tinyurl.com/1jq1
Configuring ISA Server:  <http://tinyurl.com/1llp>
http://tinyurl.com/1llp 

-----Original Message-----
From: Mark Hopkins [mailto:mark@xxxxxxxxxxxxx] 
Sent: Wednesday, January 29, 2003 12:40 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] ISA VPN Security


http://www.ISAserver.org


Hello,
 
I just set up my ISA Server for inbound VPN calls, as per
http://www.isaserver.org/tutorials/Configuring_ISA_Server_For_Inbound_VP
N_Calls.html. Everything works but my concern is security. All anyone
need do is guess an authentic domain username/password and they are
"in". Not even the domain name is necessary. Is there a way to secure
this authentication? Thanks.
 
Mark
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
mark@xxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


Other related posts: