|
Home > Archive > CCNA > June 2002 > Remote Access
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
|
| Hi guys i need some help....
I have posted about this earlier but after i went to the client i realized the scenario was different. So here goes...
The objective is to enable users of the WindowsNT domain(Lets say Domain) to be able to dial in through a remote access server(in this case is a 2600 Router) located externally of the firewall and be able to access their resources. The Router which is also the Internet Router is a 2600 and has a NM-AM 8 port module in it. The firewall is a checkpoint v 4.1 and is located in between the PDC and the Cisco Router. I have done a lot of reading but i'm believe that it is pretty complicated considering the fact that we have to come though the firewall.
Here is a list of what i did.
1) i created a username and password on the router(same user and pass in PDC) enabled remote access by configuring the async port,configured ppp chap authentication ,created a dial in pool.when a remote user connects they will be dynamically assigned a DNS server address for internet browsing and the WINS server for name resolution.
I checked whether the user is connecting..Bingo user connects is assigned an address,dns add,wins add.
2)added the PDC ip address to the LMHOSTS File incase WINS ain't working.
3)i opened ports 135-139 and created a policy on checkpoint indicating that any Source to destination PDC with Service Session Authentication. I enabled the OS password for authentication checkpoint.enabled to accept ICMP packets and joined it to the domain so that it can pass authentication requests directly to the PDC.
The problem is when i connect to the access server i am unable to acess any resources on teh domain. I tried pinging directly the PDC and was successful.
Oh! by the way guys this is the first time i'm working on Cisco Routers and Checkpoint so if you guys have any corrections as to what i did or if there is an easier way to get remote access up and working in this scenario i'll be grateful.
If you guys need any other configurations tell me..
Lenee | |
|
|
|
|
|