VPN advice

Misha misha at insync.net
Thu Oct 21 20:25:04 EDT 1999


I would lookm into the IPSec support on the Pix. Cisco IPSec clients have
already been released and dont sound terribly buggy, though the Pix IPSec
implementation is a little off right now (problems between site-to-site
and remote access clients). Release 5.02 should be coming out in a few
feeks, which will solve a lot of problems, but you should be able to start
doing testing now without any problems.

Misha


> We are in the evaluation and testing phase of our VPN deployment and would
> like some advice about a few issues we have come up with. We have a
> LAN-to-LAN situation--users on one network need to connect back securely to
> an NT domain on another network. The two networks are connected by routers
> and security is maintained through access lists.(We have a PIX firewall
> protecting the rest of our network.)
> First, a key feature that we are looking for is a VPN product that will
> allow us to do an NT logon and download our NT profiles. Microsoft's PPTP
> allowed user's to establish the tunnel and logon to an NT Domain
> directly--but it didn't work very well. Does anyone know of a product that
> will allow this? We have tested one product and it only let us establish
> the
> tunnel.  We need a separate logon to connect to the NT domain--we use
> Citrix
> Terminal Server.
> Second, what products have the best management capabilities, i.e,
> documentation, ease of configuration, troubleshooting tools, connection
> monitoring, etc.
> Any help you can give us would be greatly appreciated. Thanks.
> 
> David
> 
> ****************************************************************
> TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com
> 
> The VPN FAQ (under construction) is available at
> http://kubarb.phsx.ukans.edu/~tbird/vpn/FAQ.html
> 
> We are currently experiencing "unsubscribe" difficulties.  If you
> wish to unsubscribe, please send a message containing the single line
> "unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com
> 
> ****************************************************************
> 
> 
> 
> ----------------------------------------------------------------
> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential and/or privileged
> material.  Any review, retransmission, dissemination or other use of, or
> taking of any action in reliance upon, this information by persons or
> entities other than the intended recipient is prohibited.   If you received
> this in error, please contact the sender and delete the material from any
> computer.
> 
> 
> ****************************************************************
> TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com
> 
> The VPN FAQ (under construction) is available at
> http://kubarb.phsx.ukans.edu/~tbird/vpn/FAQ.html
> 
> We are currently experiencing "unsubscribe" difficulties.  If you
> wish to unsubscribe, please send a message containing the single line
> "unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com
> 
> ****************************************************************
> 

****************************************************************
TO POST A MESSAGE on this list, send it to vpn at listserv.secnetgroup.com

The VPN FAQ (under construction) is available at
http://kubarb.phsx.ukans.edu/~tbird/vpn/FAQ.html

We are currently experiencing "unsubscribe" difficulties.  If you
wish to unsubscribe, please send a message containing the single line
"unsubscribe vpn your-e-mail-address" to owner-vpn at listserv.secnetgroup.com

****************************************************************




More information about the VPN mailing list