I want to move our VPN accounts from the router and use RADIUS authentication from our MS Active Directory. We only have about 18 accounts, so that's not too much of a hassle.
All I want from the Microsoft server to say, is that this user is ok to be on the VPN.
This is what I have set up:
1. Cisco 1841 receives a request and passes it to the MS server
2. MS looks to see if the user is in a particular group (ie. VPN Users)
3. If they are, MS gives the green light to the Cisco 1841.
4. Cisco 1841 allows the user to sign on.
Are there any concerns I should be aware of?