[c-nsp] Lightweight Radius Server for small installation and Windows

Brian Raaen braaen at zcorum.com
Thu May 7 09:58:40 EDT 2009

You would set up a second account for their VPN then.  In IAS you can
set it to only authenticate if certain attributes match.

Marc Haber wrote:
> On Wed, May 06, 2009 at 06:55:21AM -0400, Patrick J Greene wrote:
>> The Windows server platform includes Internet Authentication Services
>> (IAS) which provides RADIUS authentication against either AD or the
>> local user database on the Windows server itself.  Just install the
>> service.
> The company doesn't want to use the Windows passwords for VPN
> authentication since a single compromised password does not only allow
> access to the VPN but also to all Windows resources. Think of the
> "different password" requirement as "poor-man's two factor auth".
> Greetings
> Marc

More information about the cisco-nsp mailing list