Announcement

Collapse
No announcement yet.

Server 2003 VPN questions!!

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Server 2003 VPN questions!!

    Hello,

    I am running Windows Server 2003 Standard Edition with AD, DNS, DHCP and RRAS Services running. I have two questions:
    1. How can i limit users with one user account and only one connection? What i mean to say is, suppose if user1 is logged to the server through VPN then there should be no other user with this same id (user1) connectable to this server. How to achieve this?
    2. Is it possible to restrict VPN users based on their Ethernet Adapter MAC Address? What i mean here is, I want the users whose MAC address is registered in the server only to be able to connect through VPN. Is this possible? and how do i achieve this?


    Thanks and Regards,

  • #2
    Re: Server 2003 VPN questions!!

    1. How can i limit users with one user account and only one connection? What i mean to say is, suppose if user1 is logged to the server through VPN then there should be no other user with this same id (user1) connectable to this server. How to achieve this?

    You can limit a user to a particular workstation... but that stops him moving around the organisation. You cannot limit the number of sessions for a particular user without 3rd party software. (I don't know if there is any software, but you can't do it with Windows)

    2. Is it possible to restrict VPN users based on their Ethernet Adapter MAC Address? What i mean here is, I want the users whose MAC address is registered in the server only to be able to connect through VPN. Is this possible? and how do i achieve this?

    No. VPN's occur at a much higher layer of the OSI model than MAC addresses; and MAC packets are not routable. So - the remote server doesn't know the MAC address of the local client unless they're on the same physical network. If it was this easy, VPN's would not even be necessary.


    Tom
    For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

    Anything you say will be misquoted and used against you

    Comment


    • #3
      Re: Server 2003 VPN questions!!

      On number 2:
      I agree with Stonelaughter on this one. I tried a few things but none of them worked. The most promising theory was to create a security group with computers in it and use that group in a vpn access policy - but that does not work.


      <anecdote>This was actually the first question I ever asked here, and I did it by mailing directly to Daniel (I didn't know about the forum back then) </anecdote>
      A wise man once said: "Assumption is the mother of all fu*k ups".

      Any advice I give is to the best of my knowledge, there is no guarantee what so ever that it will actually work in your particular scenario. I will not accept any responsibility for unexpected consequences, after all - you are taking advice from a complete stranger over the internet. =)

      Comment

      Working...
      X