Problem solve Get help with specific problems with your technologies, process and projects.

Retricting access to RAS servers

My organization have several remote sites. These sites connect to the organization intranetwork through our RAS using ISDN or PSTN dialup. I was wondering whether it is possible to restrict access to certain servers/sites based on the dialup user authority level (e.g. one user can only access two servers out of five available servers in my network, another 4 out of 5, etc.). Do I require extra hardware? Any differences if the dialup is done through PSTN or ISDN?
Because of the context implicit in your message, I assume you are using Windows to provide RAS (RRAS?) access. Alas, there is no explicit mechanism to limit which RAS servers within a single domain that users whose RAS access is enabled can dial into. However, there are two workarounds that can solve this problem fairly easily:

  1. Put each RAS server into its own domain, making it possible to manage accounts on a per-server/domain basis.
  2. Set up separate RAS accounts for each server, so that user access can be controlled on a per-server basis.

3rd-party products like those from Citrix are more flexible in this regard, but they may not be worth the considerable extra expense involved. Finally, AFAIK, there is not profound disinction in RAS access controls based on the type of connection used to access the server (PSTN, ISDN, ATM, Internet, etc.).

This was last published in November 2001

Dig Deeper on Network management and monitoring

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.