mgideon
asked on
Authenticate 2003 VPN server to different/remote active directory
I built a 2003 VPN server with 2 NICs and put it in my DMZ. Opened 1723 on GRE on my firewall. Everything is great.
What I want is a way for this 2003 server to attach to my Active Directory domain inside the firewall to authenticate users. I want this to be secure.
My 2nd NIC on the PPTP VPN server has an internal address that will be able to get to my domain.
How do I set it up so I can have the VPN server in the DMZ connect to the AD server to authenticate to the users list?
ASKER
That seems pretty close, except the Active Directory I want to connect to is running on a 2000 Server. The link you sent says you need 2003 to install IAS.
ASKER CERTIFIED SOLUTION
You can run IAS on the domain controller on the LAN, and create a RADIUS client on it for the VPN server. Then configure the VPN server to use RADIUS and point it at the DC. This can allow your VPN users to be authenticated against the Active Directory.
Here's a link:
http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/sag_IAStopnode.asp