https://community.cisco.com/t5/network-access-control/hardware-client-3002-individual-user-authentication/m-p/183727#M6987 <P>Tunnel is already established between 3002 and 3015. I have already configured 3015 to provide external NT authentication for users behind hardware client. can users behind hardware client authenticate directly to NT authentication server when they first log in to their windows 2000 workstation; or Do they need to log in to pc locally then use broweser to log into NT authentication server before they can check corporate e-mail, browse , etc.</P><P></P><P></P> Fri, 21 Feb 2020 18:07:45 GMT altaf007 2020-02-21T18:07:45Z https://community.cisco.com/t5/network-access-control/hardware-client-3002-individual-user-authentication/m-p/183727#M6987 <P>Tunnel is already established between 3002 and 3015. I have already configured 3015 to provide external NT authentication for users behind hardware client. can users behind hardware client authenticate directly to NT authentication server when they first log in to their windows 2000 workstation; or Do they need to log in to pc locally then use broweser to log into NT authentication server before they can check corporate e-mail, browse , etc.</P><P></P><P></P> Fri, 21 Feb 2020 18:07:45 GMT https://community.cisco.com/t5/network-access-control/hardware-client-3002-individual-user-authentication/m-p/183727#M6987 altaf007 2020-02-21T18:07:45Z https://community.cisco.com/t5/network-access-control/hardware-client-3002-individual-user-authentication/m-p/183728#M6988 <HTML><HEAD></HEAD><BODY><P>The latter. The VPN login and their Windows login are completely separate, even though they've been setup to use the same database. No way around it.</P></BODY></HTML> Fri, 25 Jul 2003 00:01:22 GMT https://community.cisco.com/t5/network-access-control/hardware-client-3002-individual-user-authentication/m-p/183728#M6988 gfullage 2003-07-25T00:01:22Z