RE: ISA Design Question: Best Practice

From: "David V. Dellanno" <ddellanno@xxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Date: Wed, 28 May 2003 16:38:25 -0400
Thanks Stefaan...that makes sense.

        -----Original Message-----
        From: Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxx] 
        Sent: Wednesday, May 28, 2003 3:49 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RE: ISA Design Question: Best Practice
        
        
        Hi Tom,
         
        I believe that some major switch vendors (Extreme, Cisco, ...)
have some sort of authentication agent on their boxes. You can compare
that feature roughly with the new 802.1X  standard for Wireless
Networks. If I remember well it works as follows:
         
        1) when you plugin a device you become a member of a initial
VLAN who has only access to a DHCP and authentication server.
         
        2) after authentication and maybe selecting a profile, you are
assigned a new IP address and the port is put into another VLAN.
         
        3) it is the membership to a particular VLAN who determines what
you can do on the network.
         
        Greetings,
        Stefaan

                -----Original Message-----
                From: Thomas W Shinder
[mailto:tshinder@xxxxxxxxxxxxxxxxxx]
                Sent: woensdag 28 mei 2003 16:59
                To: [ISAserver.org Discussion List]
                Subject: [isalist] RE: ISA Design Question: Best
Practice
                
                
                http://www.ISAserver.org
                
                
                Hi David,
                 
                Yes, that is a cool option and I've seen it before too.
If I had the time, I would have run NetMon on my laptop and try to
figure out who they do it. I do know its MAC based, so once you make a
selection, your MAC address determines the type of IP address you get.
If anyone knows how it works, let us all know! :-)
                 
                Thanks!
                Tom
                 
                Thomas W Shinder
                www.isaserver.org/shinder
<http://www.isaserver.org/shinder>  
                ISA Server and Beyond: http://tinyurl.com/1jq1
                Configuring ISA Server: http://tinyurl.com/1llp
<http://tinyurl.com/1llp> 
                
                 

                        -----Original Message-----
                        From: David V. Dellanno
[mailto:ddellanno@xxxxxxxxxx] 
                        Sent: Wednesday, May 28, 2003 7:50 AM
                        To: [ISAserver.org Discussion List]
                        Subject: [isalist] RE: ISA Design Question: Best
Practice
                        
                        
                        http://www.ISAserver.org
                        
                        
                        
                        The reason why I ask this question was that I
visited this March at the Fairmont Royal York in Toronto, Ontario and
the Hilton in the subburbs (no, I don't have SARS).  They had thier
internet serviced by Cisco, in each room. a small cisco router (this was
at the Fairmont, I forgot what model it was, but the Hilton just
provided cat5 cable) but once connected to it, you are automatically
connected to a webpage (this is the hotel's service aggrement and
internet access choices).  You have a choice to either be behind a
firewall with a private ip or a public ip with no firewall protection.
I thought this was a good idea to provide such a service and delegate
the two types of configurations to the guest and contractors with no
administration needed but I don't quite understand how this can be done?
Thanks for you answer again.

                                 

                        

                         

                ------------------------------------------------------
                List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
                ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
                ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
                ------------------------------------------------------
                Other Internet Software Marketing Sites:
                Leading Network Software Directory:
http://www.serverfiles.com
                No.1 Exchange Server Resource Site:
http://www.msexchange.org
                Windows Security Resource Site:
http://www.windowsecurity.com/
                Network Security Library: http://www.secinf.net/
                Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
                ------------------------------------------------------
                You are currently subscribed to this ISAserver.org
Discussion List as: stefaan.pouseele@xxxxxxx
                To unsubscribe send a blank email to
$subst('Email.Unsub') 



Confidentiality Notice:
This e-mail message, including any attachments, is for the sole use of the 
intended recipient(s) and may contain confidential and privileged information. 
Any unauthorized review, use, disclosure or distribution is prohibited. If you 
are not the intended recipient, please contact the sender by reply e-mail and 
destroy all copies of the original message.
RE: ISA Design Question: Best Practice

Other related posts:
