Jump to content

Suddenly All users are allowed VPN access!!

Guest Nadi

By Guest Nadi
in Techno Babble

 Share

Recommended Posts

Guest Nadi

Guest Nadi

Posted
Posted

ISA Server 2004 SP3

 

Windows 2003 SP2

 

 

 

On Active Directory:........

 

AD User DIal-In Tab has "Allow Access through Remote Access Policies" By

default.

 

 

 

On the ISA:......

 

Remote Access Policies

 

 

 

IN the "ISA Server Default Policy", the "Policy condition" has the "Domain

Users" group

 

 

 

Action "Grant Remote Access Permission"

 

 

 

What is wrong? what of the above isn't a default? I didn't change any of

the settings!! Any explanation??

 

 

 

 

 

Regards,NN

  • Replies 2
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Jens Baier

Guest Jens Baier

Posted
Posted

Hi,

<span style="color:blue">

> AD User DIal-In Tab has "Allow Access through Remote Access Policies" By

> default.</span>

 

AD native mode result

<span style="color:blue">

> IN the "ISA Server Default Policy", the "Policy condition" has the "Domain

> Users" group

> Action "Grant Remote Access Permission"</span>

 

OK, but you manually have to activate VPN and you must manually select the

users or groups that have the right to use VPN. I don't see any security

risk.

 

regards Jens

www.nt-faq.de

Guest Nadi

Guest Nadi

Posted
Posted

Thanks for the reply, but Believe me, i found the domain users groups from y

10 domains in the ISA Server Default Policies. I.E. in every ISA of my 10

ISAs, every default ISA Server Default Policy has its domain "Domain users"

group in it thus all the users are allowed access !!!!!!!

 

I'm thinking of opening a case with MS to check how this happened

 

 

"Jens Baier" <jensbaier@passport.com> wrote in message

news:%23Bt1EWzrIHA.5060@TK2MSFTNGP03.phx.gbl...<span style="color:blue">

> Hi,

><span style="color:green">

>> AD User DIal-In Tab has "Allow Access through Remote Access Policies" By

>> default.</span>

>

> AD native mode result

><span style="color:green">

>> IN the "ISA Server Default Policy", the "Policy condition" has the

>> "Domain Users" group

>> Action "Grant Remote Access Permission"</span>

>

> OK, but you manually have to activate VPN and you must manually select the

> users or groups that have the right to use VPN. I don't see any security

> risk.

>

> regards Jens

> www.nt-faq.de </span>

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...