I don't think this is possible with Windows PPTP VPN (Windows 2003 SBS) out
of the box, but I figured I'd ask.
My client wants to restrict a particular user (Bob) from using an
application when connected via VPN. When at the office, this user needs to
have access, however. The application's client component looks for a
particular mapped drive, so I was thinking I could lock down NTFS and/or
share permissions for that particular user on that particular share. Problem
is, even with using a different user for VPN auth (i.e. bobvpn) and denying
access to that share, it'll still pop-up and ask the user for credentials and
then they can just put in their normal domain credentials and have access.
I was also thinking of assigning that VPN user a static RAS IP but I can't
lock down all SMB/CIFS traffic as their are other shares/mapped drives the
user should be allowed to access.
Would ISA accomplish this? Anything else I'm overlooking? I don't mind
saying "no it can't be done" but only if that truly is the case, or it would
require a significant investment (small SOHO office) in more sophisticated
hardware/software.
|
Similar Threads
Linear Mode
