locked
ISA with IAS RRS feed

  • Question

  •  

    can I use IAS with ISA 2004 for user authentication with more combination

    for example

    I want that users authenticate via IAS with more combination like

     

    username+MAC

    or

    username+MAC+IP address

    or

    username+ip

     

    is this thing is possible in IAS when using IAS with ISA2004?

    Tuesday, February 12, 2008 4:37 PM

Answers

All replies

  • Username + MAC is possible by sending MAC address in calling station ID attribute and conifguring Verify caller ID option in the dialin properties of the user in AD. I think, IP address will be sent as Framed IP address attribute. IP address can't be validated (we only have conditions for user IP address in w2k8 NPS (not in w2k3 IAS)).

    Wednesday, April 30, 2008 11:41 PM
  •  

    HI Lenina

     

    would you plz send me any article which I can study for implamenting for solution

     

     

    ....Basically my users are around 1000 and mostly are add in there PC Administrator account for some reson so they can easily change IP address and put the allowed IP for accessing internet bcuz there are some users who have the facility of internet....

    Thats why I want more combinaton to restrict internet like username+MAC or IP+MAC+Username combinaton

     

    OR

     

    can we make a senerio where user can dial to any authentication server(like dial-up) and after authentication he can access internet on LAN......(i mean is there any facility to use dial-up for authentication to use internet via ISA on LAN)

    Friday, May 2, 2008 8:43 AM
  • The following link has information about caller ID option in IAS:

    http://technet2.microsoft.com/windowsserver/en/library/83428017-0ce6-4911-9dd0-482c6788dcbb1033.mspx?mfr=true

    http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/intwork/inbc_ias_kvvq.mspx?mfr=true

     

    MAC address can be used in the caller ID field (i.e calling station ID RADIUS attribute).

     

     

     

     

    Monday, May 5, 2008 6:47 PM