What exactly are you trying to accomplish with the appliance? IMO if you're using Active Directory you can control network access fairly effectively using the built-in options (IPSec, for example).
Specifically, torm, my gripes about ALL conventional methods of network authentication are in the mechanisms. OK, for example, MS-CHAP / RADIUS / Kerberos / central login server and AD all can control actions, down to the ability to use a printer. However, there's no ideal way in hosting an open wireless lobby (don't ask, it's a brilliant management thing) to prevent DHCP hijacking, password and identity stealing "sniffers," MAC address cloning, inside floods or other crap without micromanaging at the switch level. SOOO... this is my alternative.
Ah OK, then the Cisco would work very well. I've been asked to do the same thing on a much smaller (and cheaper) scale and the FortiGate line of routers can authenticate all access against AD so you can limit available ports based on group membership or lack thereof. Their product line runs from SOHO right up into enterprise-grade routers though, so you might want to check 'em out (you'd gain IDS and definitions-based content management at the same time).
riddla wrote: fucking great shit that Fortinet stuff
stable as all fuck too.
How are they for VPN stability? The two Netgear V318s that are connecting the sites now constantly have connection drops (usually in the middle of a backup transfer).
Fixed it all with a DMZ, FTP server, mad scripts and some pinhole trickery. After paying for the secondary UPS, new hardware, and less 3 hours of sleep per night, the same thing was accomplished for about a tenth of the cost.