Re: VPN or IPSEC?
- From: "Wells Caughey" <wellscaughey@xxxxxxxxxxx>
- Date: Fri, 29 Dec 2006 10:25:51 -0500
Robert,
Does IPSec need static IP addresses for the domain isolation stuff? If so that could be a deciding factor right there. Our users have to "sync with Active Directory" because they are out in the field all the time (often times more than six hours away from the nearest office) and they may need to change their password, or start using a spare laptop that does not already have their profile/account loaded if their other laptop breaks. Really, there are a number of things that might require them to connect to Active Directory.
I too would prefer a PPTP VPN, my problem here is that I can't seem to find a way to make the VPN connection automatic or demand-dialed from XP, and my users have difficulty when they do have to use it. Really what I want is a VPN client that looks like an ethernet adapter and is completely invisible to my users, but I got no traction looking for this solution so I am having to think laterally...
Wells
"Robert L [MVP - Networking]" <noreply@xxxxxxxxxxx> wrote in message news:O$5vFAwKHHA.1424@xxxxxxxxxxxxxxxxxxxxxxx
I beleive PPTP VPN is better in this case because the IPSec need static IP (in most cases). Why do you want to sync with Active Directory? Normally, our clients using VPN without synchronizing with Active Directory should be able to access most VPN resources.
Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Wells Caughey" <wellscaughey@xxxxxxxxxxx> wrote in message news:ujQA9soKHHA.420@xxxxxxxxxxxxxxxxxxxxxxx
Hello everyone,
The vast majority of my company's users work out in the field and rarely, if
ever, come in to a branch office. Now there are times when these users need
to access a file server or thier laptop needs to sync with Active Directory.
I was thinking that I would let them connect to the corporate network via a
VPN, but it turns out there is not way to setup Windows XP to demand-dial a
VPN or have a permanent VPN connection to the corporate network, and our
users get confused and frustrated about having to manually connect the VPN.
My question here is, should I continue with the VPN strategy, or should I
switch gears and make the domain controllers visible on the Internet and use
IPSEC to retstrict access to only domain computers? Or is there a third way
that I don't even know about?
I'd apprecate any advice,
Wells
- Follow-Ups:
- Re: VPN or IPSEC?
- From: Jerome Baum
- Re: VPN or IPSEC?
- References:
- VPN or IPSEC?
- From: Wells Caughey
- Re: VPN or IPSEC?
- From: Robert L [MVP - Networking]
- VPN or IPSEC?
- Prev by Date: Re: DFS replication
- Next by Date: Re: NAT with IP Filters
- Previous by thread: Re: VPN or IPSEC?
- Next by thread: Re: VPN or IPSEC?
- Index(es):
Relevant Pages
|
Loading
