Re: isdn and firewall

carl_townshend · ‎10-25-2005

We have an isdn router at our office here where people can dial up to from home. How would I get this to first go through my firewall to authenticate ?

spremkumar · ‎10-25-2005

hi

From your post i sense that you have got isdn connectivity in ur workplace and the mobile users or the other workers do dialup from their home and getting logged onto the network.

In this case for authentication purpose you can go for TACACS configs or else create local authentication in your router itself.

http://cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7ac.html

Not sure y you want them get authenticated in a firewall. can you revert whether they are establishing any kinda VPN (dynamic ipsec) connectivity between their lcoation and the office ?

regds

baldy · ‎10-25-2005

You could set your router up as an L2TP client and your firewall as an L2TP server. This would cause the PPP sessions to terminate to the Firewall instead of the router so the router is merely handling the hardware. I beleive Cisco call this VPDN on the router IOS. I have done this with routers but not firewalls but the principle is the same. I guess it depends why you want this. If its a security issue better to get the users to run VPN clients down the ISDN to the firewall. If its an ease of management thing then run a tacacs server behind your firewall.