VPN 3030 using NT Servre for Authentication

gbuetow · ‎07-01-2005

I have successfully set up a group to authenticate using a WIN NT Domain Controller. Is it possible to configure the VPN 3030 to authenticate users from multiple NT domains on a single VPN 3030? The documentation says that I can specify up to 10 authentication servers but the first server of a specific type (i.e. NT) is the primary server and others of that type are used if the primary is inoperative. That means if a user attempts to authenticate usnig a NT Server and the primary server responds and that user is not a part of the same domain as the primary server, authentication fails. How can I configure the VPN 3030 to allow NT Server authentication from multiple domains?

gfullage · ‎07-03-2005

The VPN3000 will simply pass off the users credentials to the configured NT server. It is up to the trust relationships within your NT domain and the permissions of that NT server as to whether you can authenticate users in other domains.

For a start the NT server you configure should be a domain controller, and the domain that it is a part of should have a trust relationship (one or two-way) with all the other domains that you want to authenticate users from.

There is nothing specific you can do on the VPN3000 to do what you want to do, it is all done on the NT network.