Q

Retricting access to RAS servers

My organization have several remote sites. These sites connect to the organization intranetwork through our RAS using ISDN or PSTN dialup. I was wondering whether it is possible to restrict access to certain servers/sites based on the dialup user authority level (e.g. one user can only access two servers out of five available servers in my network, another 4 out of 5, etc.). Do I require extra hardware? Any differences if the dialup is done through PSTN or ISDN?
Because of the context implicit in your message, I assume you are using Windows to provide RAS (RRAS?) access. Alas, there is no explicit mechanism to limit which RAS servers within a single domain that users whose RAS access is enabled can dial into. However, there are two workarounds that can solve this problem fairly easily:

  1. Put each RAS server into its own domain, making it possible to manage accounts on a per-server/domain basis.
  2. Set up separate RAS accounts for each server, so that user access can be controlled on a per-server basis.

3rd-party products like those from Citrix are more flexible in this regard, but they may not be worth the considerable extra expense involved. Finally, AFAIK, there is not profound disinction in RAS access controls based on the type of connection used to access the server (PSTN, ISDN, ATM, Internet, etc.).

HTH,
--Ed--
This was first published in November 2001

Dig deeper on Network Security Monitoring and Analysis

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close