none
DA IP and MAC protection? RRS feed

  • Question

  • Hallo,

    I have implemented DirectAccess solution.

    How can I allow connection only for selected clients IP's and MAC adresses?

    Thank you
    • Edited by DimiKo Monday, January 30, 2012 12:01 PM
    Monday, January 30, 2012 12:01 PM

All replies

  • Hi

     

    By default, connection are allowed on a computer account basis. You should have a security group that represents computers thtat are allowed to read and apply a group policy. Do you want to filter remote management of filter resources clients can access?


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx
    Monday, January 30, 2012 1:11 PM
  • Yes, I have security group and add my clients computer to this. I have end to edge IPSEC connection and certificates enabled.

    If atacker somehow simulate my computer, is it really secure? need I Add IP and MAC filter?  


    • Edited by DimiKo Monday, January 30, 2012 2:01 PM
    Monday, January 30, 2012 2:01 PM
  • OK.

     

    Your attacker need a certificate delivered from your internal AC to mount the first infrastructure tunnel. Not easy at all. Hacking IPSEc tunnels that might encapsulated into HTTPS frames is not an easy thing.

     

     

     


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx
    Monday, January 30, 2012 4:18 PM