[c-nsp] Lightweight Radius Server for small installation and Windows
Brian Raaen
braaen at zcorum.com
Thu May 7 09:58:40 EDT 2009
You would set up a second account for their VPN then. In IAS you can
set it to only authenticate if certain attributes match.
Marc Haber wrote:
> On Wed, May 06, 2009 at 06:55:21AM -0400, Patrick J Greene wrote:
>
>> The Windows server platform includes Internet Authentication Services
>> (IAS) which provides RADIUS authentication against either AD or the
>> local user database on the Windows server itself. Just install the
>> service.
>>
>
> The company doesn't want to use the Windows passwords for VPN
> authentication since a single compromised password does not only allow
> access to the VPN but also to all Windows resources. Think of the
> "different password" requirement as "poor-man's two factor auth".
>
> Greetings
> Marc
>
>
More information about the cisco-nsp
mailing list