Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Gold

Can you block certain machines from dialing in?

We have a 3745 router with eight 28.8kbps analog modems on POTS lines and six digital modems (56K capable) attached to three ISDN BRI lines. The router functions as a small dial-up access server. It uses Windows 2000 RADIUS (IAS) to validate username/password against Active Directory, and determine whether the user name has remote dial-in permission.

My question is: Can we block certain non-authorized machines (that is, users' home PCs) from using a modem, valid login name and password, to gain dial-up access to the network? The users are supposed to use only the company-provided laptops.

Found out some users were having family at home dial-in and surf the Internet at the company's expense, saving the monthly recurring cost of an ISP account as well as running up the monthly toll-free line charges. Granted, these callers were forced to surf through the company's content filtering software, so they couldn't go everywhere they wanted. But these calls tied up dial-in ports during the day, causing some legitimate dial-ins to get busy signals. This was happening while employees with authorized laptops were at workplace.

Not looking to slap the users down, just want to tighten things up a little so the systems are only used by the machines for which they were intended.

I was thinking you could dial-up into the 3745 and use it as a front-end into a VPN Concentrator; and only the authorized laptops would have the VPN Client software loaded and properly configured.

Anybody else have any ideas?

1 REPLY
Bronze

Re: Can you block certain machines from dialing in?

Interesting idea. Another one I could think of is using some kind of Token card attached to the laptop. Cisco Secure ACS seems to have support for this :

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a008007d09d.html

86
Views
0
Helpful
1
Replies
CreatePlease login to create content