The mechanism that allows the user to log is transparent.. The user has no
clue that they are being authenticated by RADIUS or TACACS, and that their
session is kerberized.
The users do not login to Citrix via telnet.
The end or external user will have a Citrix client installed, and the
connections are defined in their Citrix profile.
If you offer to pay for travel and expensese I would be more than happy to
sketch this out on a clean whiteboard.
Geez
/m
At 01:49 PM 7/17/00 -0500, Frank Knobbe wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > Sent: Monday, July 17, 2000 11:58 AM
> >
> > Actually you missed the point, with Kerberos, RADIUS or
> > TACACS in place,
> > the whole mechanism is transparent to the user. That is why
> > it works.. :)
>
>Wait a second. How can it be transparent if the user has to login
>using telnet on the router and then start a Citrix session? What's
>the different between that and entering a token value?
>
>Frank
>
>
>-----BEGIN PGP SIGNATURE-----
>Version: PGP Personal Privacy 6.5.1
>Comment: PGP or S/MIME (X.509) encrypted email preferred.
>
>iQA/AwUBOXNVQ0RKym0LjhFcEQJQZgCgicVCwACfu/ib5MAuqJzNqJIyx+4AnjFn
>8JJAYQWizGoFOGpW+udwVw0m
>=86d7
>-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
