2 Private and One Public Interface issue

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I am running a 2003 RRAS and IAS authentication and it all is working well.
I want to add an additional private interface and be able to route certain
connections through the new interface. I have attempted this using a RADIUS
policy that specifies the Tunnel-Server-Endpoint and login-ip-host RADIUS
parameters but I still cannot make work. Does anyone know how to make
certain RAS users use a particular interface?

Thanks

Jeff
 
I forgot to say this is used strictly as a VPN server to allow access to our
internal networks. I am aware that if I have a fully routed private network
that everyone should be able to enter in through the single private interface
and route to the other subnets. However, I want to isolate a certain group
of users on a single subnet when they connect.
 
For those group of users, you can add in remote access policy - the inbound
filter settings restricting to one particular subnet.
i.e. when packet received from that user and destination ip matches this
subnet, accept it, otherwise reject it.
 
Thanks for the post, however that's not really what I want to do. I know I
can limit access via filters, what I want to do though, is put them on a
specific network and have the rras server determine which network to place
them on based upon the ras policy.
 
I cannot think of any other attribute by which you can restrict.

--
Regards,
Samirj
 
The IAS policies have several attributes that can be set, such as the
Login-IP-Host, Tunnel-Assignment-ID and Tunnel-Server-EndPt. It appears to
me that some combination of these will do what I want but I can't find any
good documentation on setting the advanced RADIUS attributes. I also don't
know how to determine or set the Tunnel ID. Do you know where I can get some
advanced documentation on the RADIUS settings?
 
Back
Top