Remote authentication from PPTP clients

[Randy Swift]

I have a mixed mode W2K environment. PDC & BDC are the only two NT4 SP6a
servers left in our domain, as we have scheduled an Active directory rollout
for this year. I have 3 firewalls and 3 full T1's for internet access, and
VPN connectivity. Right now we have PPTP & IPSEC, 150 users, coming through
2 firewalls that have to authenticate the PPTP users. We would like to move
all PPTP user to a newer firewall and make them authenticate to a w2K server
so we can use our NT authentication and not have to remove the users from
all firewalls when a termination occurs. We would like to be able to disable
their account in Windows and stop their access. I have PPTP users coming
throught the new firewall now and obtaining an IP, which I want to keep
happening, but I want to transfer the authentication to the W2K server. If
you can tell me the best way to set up this on a W2k server, I can handle
the rest on the PIX.
THANKS Randy Swift

 

[Bill Grant]

You should be able to use RADIUS. W2k server includes IAS, which is an
industry standard RADIUS server. The PIX should be able to offload
authentication to the IAS server.

 

[Randy Swift]

Does Active directory have to be installed?? What Ports need to be opened?
and is there a white paper or papers you suggest?? Thanks Randy

 

[Randy Swift]

Has anyone got any info on this, I thought maybe Bill Grant is off today
Thanks Randy

 

[Bill Grant]

I am in Australia so night and day don't line up!

You can run it with or without AD. You should get all the info you need
from
www.microsoft.com/ias