[ previous ] [ next ] [ threads ]
 
 From:  Chet Harvey <chet at pittech dot com>
 To:  Curt Shaffer <cshaffer at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Radius Authentication
 Date:  Thu, 19 Aug 2004 18:19:00 -0400
what about setting up a second set of ID's in your Active Directory, group them 
as VPN users and have m0n0 bang against those?

I know I saw a a how-to on that somewhere.

most likely you would have to ad the user or group to shares you want them to 
access if using seperate user names.

Chet Harvey
Pitbull Technologies <http://www.pittech.com/> 
Protecting your Digital Assets
703.407.7311


Quoting Curt Shaffer <cshaffer at gmail dot com>:

> I had a quick question for anyone out there running a windows network
> behind m0n0. I have a multi site ipsec VPN set up and it is working
> great! The DC's are talking happily, the SQL is replicating happily,
> and DFS is working like a dream. Now I have the need to let some
> people in from home to run an application. Some are on dial up, some
> on cable,dsl etc. All different OSes from 98 to Macintosh. I only have
> 10 people that need in, so I want to keep it as administratively
> simple as possible (Mostly meaning that I don't want to have to put
> m0n0's at everyone's homes). So I was going to have them log in with
> PPTP to the m0n0's. I don't want them to use the same UN's and
> passwords as they do in the office, but I don't want them to have to
> re authenticate to access drives and such. My question is: If I have
> the PPTP from the m0n0 authenticate against the Radius on the servers,
> are those users considered authenticated users in the eyes of windows
> so that I can set the permissions on files/folders with the
> authenticated users group so they will not have to authenticate again?
> Thanks for all of your help
> 
> -- 
> Curt Shaffer, MCP
> Wireless/Network Specialist
> Chilitech Internet Solutions
> www.chilitech.net
> 866-678-6858
> efax: 1-309-412-4809
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>