[isalist] Re: ISA server 2004 and VPN with Radius

From: Miguel Gonzalez Castaños <miguel_3_gonzalez@xxxxxxxx>
To: isalist@xxxxxxxxxxxxx
Date: Wed, 02 Apr 2008 10:45:58 -0400

http://www.ISAserver.org
-------------------------------------------------------

So, if I use PEAP with certificate, do I need to have a client certificate?


If I use Microsoft-CHAPv2 that means that I'm not using server
certificate and VPN connections are less secure?

Miguel


Thomas W Shinder wrote:

http://www.ISAserver.org
-------------------------------------------------------
My bad. PEAP is supported in Windows 2008. Can be used together with Microsoft-CHAPv2 or smartcard/cert.
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of MiguelGonzalez Castaños
Sent: Tuesday, March 25, 2008 8:00 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] ISA server 2004 and VPN with Radius

http://www.ISAserver.org
-------------------------------------------------------
Hi,
Currently We have an ISA server with VPN local users. We'd like tointegrate users with our AD domain using Radius.
 However I have some questions:
- in the Radius configuration, if I use PEAP and a servercertificateit will require client certificates? No way to disable that?
- If I needed client certificate (We don't want this), It ispossibleto disable PEAP server certificate validation and still getting anencrypted tunnel? What do I gain/lose?
 Thanks,

 Miguel

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.aspISA Server Articles and Tutorials:http://www.isaserver.org/articles_tutorials/ISA Server Blogs: http://blogs.isaserver.org/------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com------------------------------------------------------To unsubscribe visit http://www.isaserver.org/pages/isalist.aspReport abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.aspISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ISA Server Blogs: http://blogs.isaserver.org/------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com------------------------------------------------------To unsubscribe visit http://www.isaserver.org/pages/isalist.aspReport abuse to listadmin@xxxxxxxxxxxxx




------------------------------------------------------

List Archives: //www.freelists.org/archives/isalist/ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.aspISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ISA Server Blogs: http://blogs.isaserver.org/------------------------------------------------------

Visit TechGenix.com for more information about our other sites:

http://www.techgenix.com------------------------------------------------------To unsubscribe visit http://www.isaserver.org/pages/isalist.aspReport abuse to listadmin@xxxxxxxxxxxxx

[isalist] Re: ISA server 2004 and VPN with Radius

Other related posts: