02-06-2003 04:21 AM - edited 02-21-2020 12:20 PM
I have some users with Windows 2000 that dial in an access server Cisco 2620. But i see that some other people connect to my company network. I've changes several times the passwords of my clients but it seems that somehow they are stolen again. So i want to implement IPSec with a preshared key on Windows 2000 and Cisco access server. I use AAA method with Tacacs. I've configured Windows 2000 with a preshared key. I want to do it now on Cisco access server (i use a pool of dymanic IP addresses on RAS).
What should i do on the Access server
Any help or idea would be deeply appreciated.
Gentian
02-10-2003 03:10 AM
Hi Gentian,
I don`t think IPSec is an appropriate solution for this problem. Try to find some stronger authentication solution than using static passwords, i.e. RSA SecurID or ActivCard, if you have Win-based network. Of course you can combine authentication and CiscoSecure ACS, look for docs at CCO.
03-17-2003 02:21 PM
I agree, using dynamic key authentication solutions would be the best way to go - RSA SecurID would be a go go!!
03-02-2003 08:40 PM
I would seriously consider checking your NT Server for programs that are giving those passwords away. RA, VNC, etc.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: