Re: B2b VPN & authentication

From: "Jim Harrison" <jim@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Date: Thu, 14 Mar 2002 06:17:21 -0800
B2b VPN & authenticationTwo options:
1. Create a separate domain for the ISA/VPN server(s) and allow them to trust 
the internal domain
2. Set up a RADIUS server that is a member of the internal domain and tell the 
VPN server to use RADIUS auth.

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!
  ----- Original Message ----- 
  From: Vanvelthoven, Danny 
  To: [ISAserver.org Discussion List] 
  Sent: Wednesday, March 13, 2002 2:00 AM
  Subject: [isalist] B2b VPN & authentication


  http://www.ISAserver.org


  Hi all, 

  I've read the article of Tom on the website about VPN's on a back to back 
DMZ, the tunnel trouggh the tunnel. 
  But, I've got one question on this. 
  Do I have to setup usernames/paswords on the external VPN for all the users 
who want to connect ?  Their domain usernames are not available on that VPN 
server.

  Or do I have to make the DMZ a small domain, with a one way trust to the 
internal domain, so the usernames are known. 

  How are you guys doing this ?  Please advise. 



  Danny 



  View our available profiles on http://competences.CentricKsi.be 

  ------------------------------------------------------------------------ 
  LEGAL  DISCLAIMER:  The information included in this message is personal 
and/or confidential and intended exclusively for the addressees as stated.  
This message and/or the accompanying documents may contain confidential 
information and should be handled accordingly.  If you are not the intended 
reader of this message, we urgently request that you notify Centric KSI 
immediately and that you delete this e-mail and any copies of it from your 
system and destroy any printouts immediately. It is forbidden to distribute, 
reproduce, use or disclose the information in this e-mail to third parties 
without obtaining prior permission from Centric KSI.  We expressly point out 
that there are risks associated with the use of e-mail like data corruption, 
interception, unauthorised amendment, viruses and unforeseen delays.  Centric 
KSI and the companies within the group shall not accept any liability 
whatsoever for damage resulting from the use of e-mail.  Legally binding 
obligations can only arise for Centric KSI by means of a written instrument, 
signed by an authorized representative of Centric KSI.

  ------------------------------------------------------------------------ 

  ------------------------------------------------------
  You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
  To unsubscribe send a blank email to $subst('Email.Unsub')
Re: B2b VPN & authentication

Other related posts:
