>However, after a user is authenticated, anyone else may also access the
>protected services if they orginate from the same source IP address (NAT'd
>network). The authentication mechanism is designed to authenticate based on
>source-ip address only.
Most firewalls track authenticated users based on the client's source IP
address. If you need a stronger method, you could always use the Netscreen
Remote client software and require a secure tunnel from the clients to get
to your protected resources.
-Brian Soby
_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
>protected services if they orginate from the same source IP address (NAT'd
>network). The authentication mechanism is designed to authenticate based on
>source-ip address only.
Most firewalls track authenticated users based on the client's source IP
address. If you need a stronger method, you could always use the Netscreen
Remote client software and require a secure tunnel from the clients to get
to your protected resources.
-Brian Soby
_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
[ reply ]