2 Private and One Public Interface issue

G

Guest

I am running a 2003 RRAS and IAS authentication and it all is working well.
I want to add an additional private interface and be able to route certain
connections through the new interface. I have attempted this using a RADIUS
policy that specifies the Tunnel-Server-Endpoint and login-ip-host RADIUS
parameters but I still cannot make work. Does anyone know how to make
certain RAS users use a particular interface?

Thanks

Jeff
 
G

Guest

I forgot to say this is used strictly as a VPN server to allow access to our
internal networks. I am aware that if I have a fully routed private network
that everyone should be able to enter in through the single private interface
and route to the other subnets. However, I want to isolate a certain group
of users on a single subnet when they connect.
 
S

Samir Jain [MSFT]

For those group of users, you can add in remote access policy - the inbound
filter settings restricting to one particular subnet.
i.e. when packet received from that user and destination ip matches this
subnet, accept it, otherwise reject it.
 
G

Guest

Thanks for the post, however that's not really what I want to do. I know I
can limit access via filters, what I want to do though, is put them on a
specific network and have the rras server determine which network to place
them on based upon the ras policy.
 
S

Samir Jain [MSFT]

I cannot think of any other attribute by which you can restrict.

--
Regards,
Samirj
 
G

Guest

The IAS policies have several attributes that can be set, such as the
Login-IP-Host, Tunnel-Assignment-ID and Tunnel-Server-EndPt. It appears to
me that some combination of these will do what I want but I can't find any
good documentation on setting the advanced RADIUS attributes. I also don't
know how to determine or set the Tunnel ID. Do you know where I can get some
advanced documentation on the RADIUS settings?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

RADIUS, IAS, and WiFi Authentication 2
PPP adapter RAS Server (Dial In) Interface 1
IAS and RADIUS Authentication 2
RRAS Demand-dial VPN 1
RAS clients can succesfully connect and work only once (after RRAS server reboot) 0
RRAS clients can succesfully connect and work only once (after RRAS server reboot) 4
Routing using rras and public ip addresses 1
Cannot add route for RAS client 3

Top