VPN client to MS server no workie...
Ric Moore
wayward4now at gmail.com
Tue Dec 18 22:17:31 UTC 2012
On 12/18/2012 04:42 PM, Matt Bukaty wrote:
> Ric;
>
> I am assuming you are connecting to a 2008 R2 or 2012 Server? The
> problem (IIRC) is NLA.
2008 I believe.
> This is a feature in Windows Servers that require connecting clients to
> adhere to a certain patch / client / software level before they are
> allowed to connect and would automatically set GPO and Firewall rules to
> connecting clients.Server 2012 it comes on by default - 2008 I don't
> remember but I amguessingso.
>
> Depending on where you live, what kindof business you are running, and
> what gov't regulations you need to adhere to - disablingthis may put you
> out of compliance (and isbad form from a security perspective.)
We're a non-profit. But, we do have data that needs to be secure.
> Cisco is the only client I am aware of at the moment that supports NLA
> on Linux connecting to 2008/2012AD Networks.
>
> VPN's are somewhat out of date anyway- depending on what you are trying
> todo. Are you trying to RDP to machines?
> http://itap-mobile.com/desktop/rdp (Commercial Product - but they do
> have it worked out.)
I just want to connect to our localnet so I can beat silly on the
router. I'm located about 80 miles from the office and keep late hours.
> Whatever your goal - if you disable NLA I would highly suggest locking
> and to throw these connections onto another VLAN and locking it down to
> the Nth degree.
I have a proxmox server there also, with it's own static IP address. You
would think I could get it to work as a vpn server. I'm google/reading
the howto's and it looks pretty horrifying... no one seems to agree on a
nice step by step howto. It's just a server running Debian Squeeze and
Proxmox for virtual VZ containers. It's getting less straight forward
and more weird as I go. This is all relatively new to me, as I have
never had the need to do it before.
So, once again you have to be a MS paying customer to get to what you
own. I hate that. Thanks for the reply. Ric
--
My father, Victor Moore (Vic) used to say:
"There are two Great Sins in the world...
..the Sin of Ignorance, and the Sin of Stupidity.
Only the former may be overcome." R.I.P. Dad.
http://linuxcounter.net/user/44256.html
More information about the ubuntu-users
mailing list