Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Cisco (http://www.velocityreviews.com/forums/f27-cisco.html)
-   -   [HIDE LAN] Hide a part of hosts into the LAN at VPN users? (http://www.velocityreviews.com/forums/t38548-hide-lan-hide-a-part-of-hosts-into-the-lan-at-vpn-users.html)

Paolo Bresi 04-04-2005 10:51 AM

[HIDE LAN] Hide a part of hosts into the LAN at VPN users?
 
as VPN server i use windows 2000 server. it works great, but unfortunately
it shows all hosts in my LAN. i have different kinds of VPN users. some
users should see only one host/server into the LAN. other users can see
everything.
have you idea how to solve this problem?

thanks in advance,

Paolo

Walter Roberson 04-04-2005 02:41 PM

Re: [HIDE LAN] Hide a part of hosts into the LAN at VPN users?
 
In article <1juvunupmhhij.1t7wpqr5bt3wo.dlg@40tude.net>,
Paolo Bresi <paolobresi@libero.it> wrote:
:as VPN server i use windows 2000 server. it works great, but unfortunately
:it shows all hosts in my LAN. i have different kinds of VPN users. some
:users should see only one host/server into the LAN. other users can see
:everything.
:have you idea how to solve this problem?

Sorry, this is not a general newsgroup about firewalls, such as
comp.security.firewalls -- this is a newsgroup for Cisco
equipment, including [along with routers and switches] Cisco's
VPN servers, Cisco's PIX firewall line, and Cisco's IOS IPSec
implementations. Solutions to Windows 2000 as a firewall -server-
are generally beyond the expertise of this newsgroup. You might
get lucky and have someone here -happen- to know, but you might
also not get a response for a few years...

If you were working with Cisco's security products, then there
would be a couple of approaches you could use. One would be to
use different vpn groups for each of the kinds of users; each vpn
group has its own ACL assigned. Another approach within Cisco's
products would be to use "downloadable ACLs" from a RADIUS server.

I have no informaiton as to whether Windows 2000 VPN server supports
anything remotely close to the approaches you would take with Cisco.
--
"I want to make sure [a user] can't get through ... an online
experience without hitting a Microsoft ad"
-- Steve Ballmer [Microsoft Chief Executive]


All times are GMT. The time now is 10:18 AM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.