OK..
The router passes the auth packet to the RADIUS/TACACS+ server, which has
both group and user profiles set up. This type of architecture provides
both high and low level authentication and authorization control at the
granular level.
The auth is done by username plus a whole bunch of other attributes one can
setup..
/m
At 10:17 PM 7/17/00 -0500, Frank Knobbe wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, July 17, 2000 9:33 PM
> >
> > The user does nothing, all the work is done via smoke and
> > mirrors. The
> > session is initiated once the user enters their password via
> > the Citrix
> > Client, The Citrix client then requests authentication via the
> > router . The router sends a auth request to the server inside,
> > the server then initiates a kerebos session back to the router to
> > the client.
> > The client
> > does not even know what is going on around the session
>
>Okay, but how does the router authenticate the client? By IP address?
>How do you limit access?
>
>Regards,
>Frank
>
>
>-----BEGIN PGP SIGNATURE-----
>Version: PGP Personal Privacy 6.5.1
>Comment: PGP or S/MIME (X.509) encrypted email preferred.
>
>iQA/AwUBOXPMPERKym0LjhFcEQKM7wCfYnYJFEERYPwIVbWYMXY28Ps2pvMAn0Ia
>RS3pbTZaHZZiGol/oZL5aUya
>=b6pl
>-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
