Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Different Authentication For vpngroups On PIX

From: "Paul Melson" <pmelson () gmail com>
Date: Wed, 5 Oct 2005 15:16:31 -0400
-----Original Message-----

Let me then take this and change my question a little.  What I am trying

to do is have 

a server automatically VPN in, backup some files, and then disconnect.  In

order to do > this, one of the options is storing the user/pass on the
server (not the best idea in 

the world, but if I have to, I have to).  So, what would then be the best

way to setup 

for this scenario?


This type of thing is probably better handled through a typical peer-to-peer
tunnel if it's possible.  (http://www.cisco.com/warp/public/707/2000.html)
Then you can use certificates to authenticate the endpoints to each other
and you don't support a 'hack' like having to attrib +r the VPN Client .PCF
file to keep the client from removing the RADIUS password (which is the
other option - very much NOT recommended).

PaulM

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: