• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

VPN and authentication

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> VPN and authentication Page: [1]
Login
Message << Older Topic   Newer Topic >>
VPN and authentication - 23.May2006 5:05:17 PM   
StefanHammar

 

Posts: 68
Joined: 19.Sep.2002
Status: offline
Hello experts

Do anyone have any comments about following behavior:

The ISA server is member of domain Mydomain

Windows XP connects to an ISA 2004 VPN connections using ISA\VPNuser

If the User logged on to the Windows XP computer is a Mydomain\User1, Mydomain\user1 is used at the Access rules from VPN network to the Internal network.

If the user logged on to the Windows XP computer is a WinXP\Localuser, ISA\VPNuser is used at the Access rules from VPN networks to the Internal network.

I did believed that it always was the account used when establish the VPN connection that was used at the access rules from VPN networks to the Internal network

/Thanks Stefan
Post #: 1
RE: VPN and authentication - 23.May2006 5:37:11 PM   
ClintD

 

Posts: 1848
Joined: 26.Jan.2001
From: Keller, TX
Status: offline
Interesting - are you using HTTP to test, or another protocol? Does the VPN client have the Firewall Client isntalled?

(in reply to StefanHammar)
Post #: 2
RE: VPN and authentication - 24.May2006 8:56:11 AM   
StefanHammar

 

Posts: 68
Joined: 19.Sep.2002
Status: offline
The firewall client is installed on the Windows XP VPN computer.

The test scenario:

1. Logged on to a Domain User that did not have the rights to Use VPN, did a VPN connection with the ISA\VPNUser.
2. Access rule: From: VPN network To: Internal network computer1, protocol: http, https, ping and user: ISA\VPNUser
3. When using IE and http://www.computer1.se -> the domain user was used in the access rule -> no access
4. When at the command promt execute a ping www.computer1.se, ISA\VPNUser was used -> access

When logging on with a non Domain User to the Windows XP VPN computer:
3. Access, ISA\VPNUser was used in the access rule

/Stefan



(in reply to ClintD)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> VPN and authentication Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts