?
Solved

radius question

Posted on 2002-05-03
1
Medium Priority
?
327 Views
Last Modified: 2010-04-11
I have a 3com firewall that has vpn capabilities, I want to use radius for authentication.  I will install
IAS(radius) on a windows 2000 server.  Now the question is, where should I place the win2000 server;
On the DMZ or my LAN?  Is there any reason I should not place it on my LAN?

Secondly, can the IAS server be a DC or is that a security risk.  

Thanks much
ptran
0
Comment
Question by:ptran2000
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 3

Accepted Solution

by:
hnminh earned 400 total points
ID: 6989629
IAS should not be on DMZ since it only serve authenticating to the firewall not anything else from the Internet. Depend on where your firewall is, ie. it is frontier firewall or internal firewall which is directly connected to your LAN or being both, you should configure the the router connected to your LAN to let only the firewall can connect to internal RADIUS service. So if the IAS is inside the firewall, it wont take much risk from the Internet to be a DC!

Actually this topology is how i'm using here in my office. We have Cisco router with 2 ethernet interface, 1 connected to DMZ, 1 to LAN using non-routable IP range (172.16.x.x). The router serve both RAS and VPN using internal IAS which is on our W2K DC!

Hope it help!
0

Featured Post

Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question