PIX & IAS

M

manoa

I have configured W2K IAS to accept authenication for a
NAS, Cisco PIX 515E. When I look at the IAS, I can see
the user logging in was granted access. The account in
the log is "domain\username was grant access." The
account used is an account on domain. However, when a
user trys to access netowrk resources, a windows logon
box appear requiring the users to logon. Once they
logon, they have the same rights that they would have
locally on the netowrk. Is there a way to pass the
authenication from PIX515 to IAS and then to the domain.
The IAS server is registered with AD and a memeber of the
RAS and IAS server group.
 
S

Steven L Umbach

You might also want to post in the win2000.ras_routing newsgroup. I have not
experienced that problem into a W2K vpn server. Keep this in mind though. The second
request for credentials is good security practice depending on whether or not the vpn
client can remember credentials being an extra barrier to network resources from
unauthorized access. I would think it is a rather small inconvenience. --- Steve
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ras and ias server group 3
RRAS broken, Windows 2003 R2 64-bit 4
IAS Server Event ID 3 Reason Code 6 Reason= The server is unavail 1
Cisco AP1200, EAP and IAS 1
PIX Firewall and Win2k IAS 3
IAS, Radius and AD 2
IAS, RAdius and AD 1
802.11x EAP-TLS user authentication failure 0

Top