Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: PIX PPTP - Windows domain authentication

from [Andrew Shore] Network Security [Permanent Link]
Subject: RE: PIX PPTP - Windows domain authentication
Date: Fri, 3 Dec 2004 09:21:40 -0000 
This is actually very simple.

 

Windows (2000 onwards) comes with a RADIUS server called IAS (Internet
Authentication Service) which is very simple to set up.

 

The PIX can then talk RADIUS to IAS with can interrogate the AD.

 

________________________________

From: Dennis Dimka [mailto:dennis.dimka@manna.com] 
Sent: 02 December 2004 20:58
To: 'Firewalls Securityfocus'
Subject: PIX PPTP - Windows domain authentication

 

Hello;

 

Thank you to everyone who answered my PPTP/NAT Bypass question-very
helpful info from everyone.

 

My next question is simpler:

 

Is there a way to "pass through" Windows domain authentication through a
PPTP tunnel?  Obviously, when VPN'd into a network, its like you're
physically plugged into the LAN, but not authenticated to a Windows
domain controller.  While users can authenticate to LAN resources on a
per-resource basis (eg: accessing \\servername\share
<file:///\\servername\share>  prompts you for credentials), it would be
slick if there were a way to have the user be more or less officially
logged into the windows domain, either automatically as part of the VPN
session, or even manually.

 

Does RADIUS have this added feature?  I understand that RADIUS is
traditionally for authentication without user accounts local to the
PIX... just wondering if it or IAS has some sort of feature that allows
this to happen.

 

Thanks in advance.

 

Dennis Dimka

Network Administrator

MFS, Inc.

dennis.dimka@manna.com

 

Desk: 651-905-7591

Mobile: 612-616-0817

Fax: 651-994-6594
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  VPN tunneling between PIX & Checkpoint, Rizky Fithrianda
Next by Date:  Re: Fragmented Packet, Martin Mačok
Previous by Thread:  RE:PIX PPTP - Windows domain authentication, Jonathan Gauntt
Next by Thread:  VPN tunneling between PIX & Checkpoint, Rizky Fithrianda
Indexes:  [Date] [Thread] [Top] [All Lists]