I am in the process of planning the implementation of Cisco ACS for purposes of authenticating remote users to two different Windows 2000 Active Directory domains. Both domains are on my inside network and are child domains in the same forest.
All remote users will be entering the network through a Cisco VPN 3015 concentrator. In addition, one of the internal domains will contain accounts for our network administrators responsible for supporting our Cisco equipment. We would also like to use ACS for AAA access for these administrators.
My question is where do I place this server in the network(domain)? Is it possible for the server to authenticate users to both domains?