Re: Locking down IAS and NAS

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Timo (timo_at_theglens.net)
Date: 02/28/05

• Next message: Timo: "Re: Locking down IAS and NAS"
• Previous message: UoD: "Missiong "wireless authentication" certificate template"
• In reply to: Thomas K: "Re: Locking down IAS and NAS"
• Messages sorted by: [ date ] [ thread ]

---

Date: 28 Feb 2005 06:41:03 -0800

Hey Tom

Here is the info from the Win Even Log from that cooresponds with above
login into from my router.

Thanks for looking , in case bad formatting in the post...
http://www.theglens.net/net/ias-debug.txt

This is an example of the telnet \ ssh login from the WIndows System
Event log

Date 2/27/2005
Time 9:12:08 PM
Source: IAS
Event ID: 1

User tglen was granted access.
 Fully-Qualified-User-Name = myADdomain.local/LAN Managers/myuser
 NAS-IP-Address = VPN.SERVER.IP
 NAS-Identifier = <not present>
 Client-Friendly-Name = vp2611 - LAB VPN Router
 Client-IP-Address = VPN.SERVER.IP
 Calling-Station-Identifier = CLIENT.IP.ADDR.1
 NAS-Port-Type = Virtual
 NAS-Port = 68
 Proxy-Policy-Name = Use Windows authentication for all users
 Authentication-Provider = Windows
 Authentication-Server = <undetermined>
 Policy-Name = EXEC Login Admins - priv level 15
 Authentication-Type = PAP
 EAP-Type = <undetermined>

-----------------

This is an example of a VPN login
Date 2/27/2005
Time 9:16:22 PM
Source: IAS
Event ID: 1

User tglen was granted access.
 Fully-Qualified-User-Name = myADdomain.local/LAN Managers/myuser
 NAS-IP-Address = VPN.SERVER.IP
 NAS-Identifier = <not present>
 Client-Friendly-Name = vp2611 - LAB Router
 Client-IP-Address = 172.25.226.32
 Calling-Station-Identifier = CLIENT.IP.ADDR.2
 NAS-Port-Type = Virtual
 NAS-Port = 500
 Proxy-Policy-Name = Use Windows authentication for all users
 Authentication-Provider = Windows
 Authentication-Server = <undetermined>
 Policy-Name = EXEC Login Admins - priv level 15
 Authentication-Type = PAP
 EAP-Type = <undetermined>

---

• Next message: Timo: "Re: Locking down IAS and NAS"
• Previous message: UoD: "Missiong "wireless authentication" certificate template"
• In reply to: Thomas K: "Re: Locking down IAS and NAS"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages RedirectFromLoginPage and loops ... I've got an Intranet site that's been using the usual Forms authentication. ... Windows authentication checked). ... whether the Login Windows is valid, and then I run a RedirectFromLoginPage. ... With such a code portion, the page loops moebiusly and never goes to the ... (microsoft.public.dotnet.framework.aspnet) RedirectFromLoginPage and loop ... I've got an Intranet site that's been using the usual Forms authentication. ... Windows authentication checked). ... whether the Login Windows is valid, and then I run a RedirectFromLoginPage. ... With such a code portion, the page loops moebiusly and never goes to the ... (microsoft.public.dotnet.general) RE: How to get the login from IIS in C# ... you want to use Windows authentication instead ... client need to login to domain to avoid message box from ... | windows under IIS... ... (microsoft.public.dotnet.framework.aspnet.security) Re: Websites require a login ... It's *my* understanding (and I'm not a security expert) that when using ... integrated windows authentication you are using NTLM authentication or ... Windows 2000 and 2003 via Active Directory. ... That's why the server is requiring a login. ... (microsoft.public.dotnet.framework.aspnet) Re: Changing passwords / Blocking SA login attempts ... I went into the Server Config properties and changed to Windows ... My login for Start and Run SQL server was in this format. ... I am supposing this was an SQL authentication, ... (microsoft.public.sqlserver.security)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Internet  > microsoft.public.internet.radius  > 2005-03