VPN Access to Enterprise Site Authentication

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi All, I'm back from the dead and glad to see CertForums still doing the bizz!

I'm currently working on a little project at work and we have a few sites where we have devices in locations that are not part of our company sites but we have users there that access our network through these places. These PC's laptops link over BT's N3 network to the LAN firewall then outside addresses are translated into local addresses but i would like to set these up using Junipers Netscreen Remote VPN client to access our network so as they can be part of the LAN eg remote devices having a LAN address then being tunnelled over the BT network then being able to access our network. I have had a look around on the net regarding this and all the info i can find relates to using RADIUS and xAUTH. I was wondering and hoping that it would be possible for the users and devices to authenticate to Active directory as if they were sittting actually on the LAN but connot find reference to this. I'm not looking for a complete rundown as to how this can be done because i would like to get to the bottom of this as much as i can myself but was just wondering if this was a technically feasible option?

If anybody has had experience with this type of solution it would be great to hear if this can be done. The devices also need to be picking up dhcp addresses but these will be reserved for the remote devices on AD but i know this can be done through dhcp relay. (i think!)

Thanks guys/gals.

 

You could create a VPN using either PPTP or LT2P/IPsec (as Sparky said) using RRAS.

Your DHCP would normally reserve 10 IP Addresses for the VPN's which would be taken from your leases.

Chapter 10 of the Windows Server 2003 Network Infrastructure Book 70-291 would be good to assist you and to answer some questions you may have.

 

Thanks for reply guys, sorry Sparky i forgot to mention its Netscreen 204. I have not implemented this in anyway as yet. I just wanted to get an idea of the best solution. I have not carried this out before so was just looking for a wee heads up.

Thanks guys.

 

All commments appreciated.

I will look into this tomorrow.

Thank you!