To authenticate to NT domain you'll need to setup some sort of TACACS or
RADIUS server. I did this with previous IOS versions using RADIUS server
provided by NT (comes with NT Option Pack).
If I'm not mistaken, you'll need to change the line
vpdn group 1 client authentication local
to something like
vpdn group 1 client authentication RADIUS server-name
and include a line referencing the server name. NOTE: this syntax may not
be correct; check your PIX manual.
> -----Original Message-----
> From: Ryan Reynolds [mailto:[EMAIL PROTECTED]]
> Sent: Friday, December 15, 2000 5:51 AM
> To: [EMAIL PROTECTED]
> Subject: Windows logon over PPTP through PIX?
>
>
> All:
>
> Has anyone had experience configuring Windows 98/2000 and PIX to run
> PPTP and have the remote Windows machine then log in to the PDC behind
> the PIX?
>
> I think I have everything set up properly for straight PPTP on the PIX
> (running 5.2(3)):
>
> ip local pool pptp-pool 192.168.50.1-192.168.50.254
> sysopt connection permit-pptp
> vpdn group 1 accept dialin pptp
> vpdn group 1 ppp authentication chap
> vpdn group 1 ppp authentication mschap
> vpdn group 1 client configuration address local pptp-pool
> vpdn group 1 client authentication local
> vpdn username blah password blah
> vpdn enable outside
>
> And then I have a straight-out-of-the-book setup on the
> Windows box for
> PPTP.
>
> Any suggestions on how to get this to work?
>
> Thanks!
>
> -Ryan
>
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
