Adam,
At my company we are doing something similar... We did the following:
1. Setup the IAS service on our Win2k server
2. Setup authentication for radius on the VPN concentrator (using the
Windows 2k server's ip address)
3. Created an "internal" group on the concentrator.
Although the group is internal, the windows 2k server still authenticates
the end user session. On the Windows side, you simply create a group for
VPN (using the IAS service), and add that to VPN end user profiles... I'm
not really a microsoft junkie, but I think that's the jist of it.
During our beta testing, we tried NT authentication for external groups, and
were unsuccessful. In fact, we weren't successful with any external group
authentication...Hopefully this insight may help. It might not be exactly
what you're doing, but maybe it will give you some ideas.
Chris
>From: "Adam" <[EMAIL PROTECTED]>
>Reply-To: "Adam" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: VPN 3015 using Windows 2000 Domain Authentication
>Date: Tue, 6 Feb 2001 08:31:02 -0500
>
>Has anyone out there successfully implemented external domain
>authentication
>with the Cisco 3015 Concentrator on a Windows 2000 Domain Controller. The
>documentation out there does really focus on a "2000" domain
>authentication.
>
>Any pointers would be appreciated.
>
>
>Adam
>
>
>_________________________________
>FAQ, list archives, and subscription info:
>http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]