01-08-2003 10:13 AM - edited 02-20-2020 10:28 PM
Hello,
I have an request from a client that requires a LAN2LAN (3005 to 3005), but he wishes the 3005 that is at the host site to authenticate each user from the remote site. I'm looking at the documentation, but really don't see anything that quite fits.
This is a vendor of my client and the vendor could have up to 40 people needing access at any given time. We suggested using a VPN client, but deployment would be a HUGE issue.
LAN2LAN is the best route, however we need to know WHO is accessing the network.
The only other way would be to limit IP addresses that could connect into the host site 3005, but still doesn't tell us who is connecting, but rather who can connect.
Suggestions?
Thanks!
Mike
01-08-2003 10:31 AM
Hi Mike,
I think the best route for you to take is to establish a tunnel between a 3002 and a concentrator ( 3005 ). This will give you individual user authentication on the concentrator
Please consult the following sample config:
http://www.cisco.com/warp/customer/471/vpn3002-ind-usr-auth.html
Jazib
01-08-2003 11:41 AM
Jazib,
Thanks for the info. Unfortunately, both sides have 3005 installed.
Is there another way using the hardware currently installed?
Thanks in advance,
Mike
01-08-2003 03:06 PM
hi there,
That was the only option that I could think of
Jazib
01-09-2003 05:39 AM
Dear Jazib,
If this feature is not implemented, does Cisco consider to implement the "Individual User Authentication" for a LAN-to-LAN connection ? Any info on the road-map ??
I think there will be a big market, with demand from the customer to implement such kind of solution. Right now we have implemented several projects using a similar solution (but not on an IPSec tunnel) with individual user authentication on a VLAN (vlan authentication) using Alcatel switch.
Best Regards,
Engel
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide