|
||||||||||
what about setting up a second set of ID's in your Active Directory, group them as VPN users and have m0n0 bang against those? I know I saw a a how-to on that somewhere. most likely you would have to ad the user or group to shares you want them to access if using seperate user names. Chet Harvey Pitbull Technologies <http://www.pittech.com/> Protecting your Digital Assets 703.407.7311 Quoting Curt Shaffer <cshaffer at gmail dot com>: > I had a quick question for anyone out there running a windows network > behind m0n0. I have a multi site ipsec VPN set up and it is working > great! The DC's are talking happily, the SQL is replicating happily, > and DFS is working like a dream. Now I have the need to let some > people in from home to run an application. Some are on dial up, some > on cable,dsl etc. All different OSes from 98 to Macintosh. I only have > 10 people that need in, so I want to keep it as administratively > simple as possible (Mostly meaning that I don't want to have to put > m0n0's at everyone's homes). So I was going to have them log in with > PPTP to the m0n0's. I don't want them to use the same UN's and > passwords as they do in the office, but I don't want them to have to > re authenticate to access drives and such. My question is: If I have > the PPTP from the m0n0 authenticate against the Radius on the servers, > are those users considered authenticated users in the eyes of windows > so that I can set the permissions on files/folders with the > authenticated users group so they will not have to authenticate again? > Thanks for all of your help > > -- > Curt Shaffer, MCP > Wireless/Network Specialist > Chilitech Internet Solutions > www.chilitech.net > 866-678-6858 > efax: 1-309-412-4809 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > > |