[c-nsp] Lightweight Radius Server for small installation and Windows

Ziv Leyes zivl at gilat.net
Wed May 6 07:13:18 EDT 2009 

The cheapest solution is already there, Windows2003 server can act as a radius server, it doesn't have to use necessarily the same users, new users can be added to a special new group only for the VPN authentication.
Also using the AD can be useful, the user can be set to have permission to access through VPN or not, so not every user in the system can connect.
Cisco knows to interface with the above, so I don't see a reason to invest more money in another product.
All they need is someone that is good enough with Win2003 server to make it happen, the Cisco part is the easiest once the radius is set.
Hope this helps,
Ziv







-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Marc Haber
Sent: Wednesday, May 06, 2009 12:58 PM
To: cisco-nsp
Subject: [c-nsp] Lightweight Radius Server for small installation and Windows

Hi,

a small company is planning to deploy client VPN using the Cisco VPN
client and an 1841 in their office. They have 50 employees, about 15
of them mobile, a couple of Windows 2003 servers (no virtualization
yet) and are mostly an all-windows shop. They neither want their users
to authenticate to the VPN via their Windows password (which, to my
knowledge, rules out authenticating against the AD), nor do they want
to use the cisco command line to generate the user accounts on the
1841 itself.

Is there a lightweight, resource-easy Radius server for Windows which
can be installed on one of the existing servers which has a clickable
frontend for account management? It doesn't need to be end-user safe,
the admins are going to manage the account, but they cringe at the
thought of doing the "conf t; foo; copy running-config startup-config"
dance.

Just in case, in which price range do the "cheapest"
one-time-password-token authentication schemes start for this user
count?

Any hints will be appreciated.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
 
 
************************************************************************************
This footnote confirms that this email message has been scanned by
PineApp Mail-SeCure for the presence of malicious code, vandals & computer viruses.
************************************************************************************

 
 
************************************************************************************
This footnote confirms that this email message has been scanned by
PineApp Mail-SeCure for the presence of malicious code, vandals & computer viruses.
************************************************************************************

More information about the cisco-nsp mailing list