RE: [fw-wiz] how prevelant

From: Melson, Paul (
Date: 10/12/04

  • Next message: "[fw-wiz] WLAN DMZ Ideas"
    To: "R. DuFresne" <>, <>
    Date: Tue, 12 Oct 2004 14:10:43 -0400

    > -----Original Message-----
    > how common is it for a company to have it's NT domain and
    > novell athentication pass openly across the internet, and
    > have this be the requirement to access VPN tunnel rights from
    > outside into the company?

    Not at all. I can't think of a current or even recent firewall/VPN
    product that requires this type of configuration. Every product I am
    familiar with has some way of handing off domain/directory
    authentication via RADIUS, LDAP, or whatever so that user authentication
    data is encrypted and handled as part of the tunnel negotiation. To do
    what you describe undermines the primary advantage of VPN client access.


    firewall-wizards mailing list

  • Next message: "[fw-wiz] WLAN DMZ Ideas"

    Relevant Pages

    • Re: Elusive Problem Relating to FTP
      ... I've found out that these are all problems relating to user authentication. ... > Clients on the internal network have unrestricted internet access, ... > having problems with them being able to upload to FTP servers. ... > When using CuteFTP 6 to try and upload, ISA log shows that an unidentified ...
    • Re: ISA2004 blocks Google desktop?
      ... Windows Domain Authentication in the Access Rules. ... to describe the authentication being a requirement for access to the internet ... >> Actually the User Authentication is the entire reason we bought ISA =). ...
    • [fw-wiz] how prevelant
      ... athentication pass openly across the internet, ... requirement to access VPN tunnel rights from outside into the company? ... The firewalls I manage keep all windows related protocols in the 135-139, ... admin & senior security consultant: ...
    • Re: adverts - blocking with firewalls
      ... >problem of advertisements on the internet. ... >their firewall I thought that their software would do this job but you have ... prompt); set the User Authentication to prompt for user name and password. ...
    • Re: ISA Question
      ... web proxy address which is the service that handles the user authentication ... > Only my administrator account can access www from the sbs ... > belong to internet users security group, ...