VPN or IPSEC?

Hello everyone,

The vast majority of my company's users work out in the field and rarely, if
ever, come in to a branch office. Now there are times when these users need
to access a file server or thier laptop needs to sync with Active Directory.
I was thinking that I would let them connect to the corporate network via a
VPN, but it turns out there is not way to setup Windows XP to demand-dial a
VPN or have a permanent VPN connection to the corporate network, and our
users get confused and frustrated about having to manually connect the VPN.

My question here is, should I continue with the VPN strategy, or should I
switch gears and make the domain controllers visible on the Internet and use
IPSEC to retstrict access to only domain computers? Or is there a third way
that I don't even know about?

I'd apprecate any advice,
Wells

I beleive PPTP VPN is better in this case because the IPSec need static IP (in most cases). Why do you want to sync with Active Directory? Normally, our clients using VPN without synchronizing with Active Directory should be able to access most VPN resources.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Wells Caughey" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
Hello everyone,

The vast majority of my company's users work out in the field and rarely, if
ever, come in to a branch office. Now there are times when these users need
to access a file server or thier laptop needs to sync with Active Directory.
I was thinking that I would let them connect to the corporate network via a
VPN, but it turns out there is not way to setup Windows XP to demand-dial a
VPN or have a permanent VPN connection to the corporate network, and our
users get confused and frustrated about having to manually connect the VPN.

My question here is, should I continue with the VPN strategy, or should I
switch gears and make the domain controllers visible on the Internet and use
IPSEC to retstrict access to only domain computers? Or is there a third way
that I don't even know about?

I'd apprecate any advice,
Wells

Robert,

Does IPSec need static IP addresses for the domain isolation stuff? If so that could be a deciding factor right there. Our users have to "sync with Active Directory" because they are out in the field all the time (often times more than six hours away from the nearest office) and they may need to change their password, or start using a spare laptop that does not already have their profile/account loaded if their other laptop breaks. Really, there are a number of things that might require them to connect to Active Directory.

I too would prefer a PPTP VPN, my problem here is that I can't seem to find a way to make the VPN connection automatic or demand-dialed from XP, and my users have difficulty when they do have to use it. Really what I want is a VPN client that looks like an ethernet adapter and is completely invisible to my users, but I got no traction looking for this solution so I am having to think laterally...

Wells

"Robert L [MVP - Networking]" <(E-Mail Removed)> wrote in message news:O$(E-Mail Removed)...
I beleive PPTP VPN is better in this case because the IPSec need static IP (in most cases). Why do you want to sync with Active Directory? Normally, our clients using VPN without synchronizing with Active Directory should be able to access most VPN resources.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Wells Caughey" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
Hello everyone,

The vast majority of my company's users work out in the field and rarely, if
ever, come in to a branch office. Now there are times when these users need
to access a file server or thier laptop needs to sync with Active Directory.
I was thinking that I would let them connect to the corporate network via a
VPN, but it turns out there is not way to setup Windows XP to demand-dial a
VPN or have a permanent VPN connection to the corporate network, and our
users get confused and frustrated about having to manually connect the VPN.

My question here is, should I continue with the VPN strategy, or should I
switch gears and make the domain controllers visible on the Internet and use
IPSEC to retstrict access to only domain computers? Or is there a third way
that I don't even know about?

I'd apprecate any advice,
Wells

Have you tried "Use log on using Dial-Up connection"?

logon VPNHow to authenticate a remote client to the DC How to limit VPN user logon time VPN logon using NT logon ID and password. Use log on using Dial-Up connection. ...
http://www.chicagotech.net/logonvpn.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Wells Caughey" <(E-Mail Removed)> wrote in message news:%(E-Mail Removed)...
Robert,

Does IPSec need static IP addresses for the domain isolation stuff? If so that could be a deciding factor right there. Our users have to "sync with Active Directory" because they are out in the field all the time (often times more than six hours away from the nearest office) and they may need to change their password, or start using a spare laptop that does not already have their profile/account loaded if their other laptop breaks. Really, there are a number of things that might require them to connect to Active Directory.

I too would prefer a PPTP VPN, my problem here is that I can't seem to find a way to make the VPN connection automatic or demand-dialed from XP, and my users have difficulty when they do have to use it. Really what I want is a VPN client that looks like an ethernet adapter and is completely invisible to my users, but I got no traction looking for this solution so I am having to think laterally...

Wells

"Robert L [MVP - Networking]" <(E-Mail Removed)> wrote in message news:O$(E-Mail Removed)...
I beleive PPTP VPN is better in this case because the IPSec need static IP (in most cases). Why do you want to sync with Active Directory? Normally, our clients using VPN without synchronizing with Active Directory should be able to access most VPN resources.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Wells Caughey" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
Hello everyone,

The vast majority of my company's users work out in the field and rarely, if
ever, come in to a branch office. Now there are times when these users need
to access a file server or thier laptop needs to sync with Active Directory.
I was thinking that I would let them connect to the corporate network via a
VPN, but it turns out there is not way to setup Windows XP to demand-dial a
VPN or have a permanent VPN connection to the corporate network, and our
users get confused and frustrated about having to manually connect the VPN.

My question here is, should I continue with the VPN strategy, or should I
switch gears and make the domain controllers visible on the Internet and use
IPSEC to retstrict access to only domain computers? Or is there a third way
that I don't even know about?

I'd apprecate any advice,
Wells

I have an idea of a solution which could work for you, but it uses
third-party software, so I don't know if you are willing to deploy
that. Anyway, take a look at OpenVPN (http://openvpn.net/). This can
run as a service (even with a hidden ethernet adapter so the whole
thing is transparent to your users) and should thus be suitable for
your purposes.

You would need to open up one port, but it is your choice which one
(you are not bound to Microsoft's choice for the port, which is the
reason why I chose OpenVPN).

Worth taking a look at. If you need help with the configuration, feel
free to ask - it can be a challenge to get it working at first, but
once it is working, it is brilliant.

-jerome

Wells Caughey wrote:

> Robert,
>
> Does IPSec need static IP addresses for the domain isolation stuff? If so that could be a deciding factor right there. Our users have to "sync with Active Directory" because they are out in the field all the time (often times more than six hours away from the nearest office) and they may need to change their password, or start using a spare laptop that does not already have their profile/account loaded if their other laptop breaks. Really, there are a number of things that might require them to connect to Active Directory.
>
> I too would prefer a PPTP VPN, my problem here is that I can't seem to find a way to make the VPN connection automatic or demand-dialed from XP, and my users have difficulty when they do have to use it. Really what I want is a VPN client that looks like an ethernet adapter and is completely invisible to my users, but I got no traction looking for this solution so I am having to think laterally...
>
> Wells
>
> "Robert L [MVP - Networking]" <(E-Mail Removed)> wrote in message news:O$(E-Mail Removed)...
> I beleive PPTP VPN is better in this case because the IPSec need static IP (in most cases). Why do you want to sync with Active Directory? Normally, our clients using VPN without synchronizing with Active Directory should be able to access most VPN resources.
>
> Bob Lin, MS-MVP, MCSE & CNE
> Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
> How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
> "Wells Caughey" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
> Hello everyone,
>
> The vast majority of my company's users work out in the field and rarely, if
> ever, come in to a branch office. Now there are times when these users need
> to access a file server or thier laptop needs to sync with Active Directory.
> I was thinking that I would let them connect to the corporate network via a
> VPN, but it turns out there is not way to setup Windows XP to demand-dial a
> VPN or have a permanent VPN connection to the corporate network, and our
> users get confused and frustrated about having to manually connect the VPN.
>
> My question here is, should I continue with the VPN strategy, or should I
> switch gears and make the domain controllers visible on the Internet and use
> IPSEC to retstrict access to only domain computers? Or is there a third way
> that I don't even know about?
>
> I'd apprecate any advice,
> Wells
>
>
> ------=_NextPart_000_000A_01C72B33.B7087620
> Content-Type: text/html; charset=Windows-1252
> Content-Transfer-Encoding: quoted-printable
> X-Google-AttachSize: 4277
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META http-equiv=Content-Type content="text/html; charset=windows-1252">
> <META content="MSHTML 6.00.5730.11" name=GENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=#ffffff>
> <DIV><FONT face=Arial size=2>Robert,</FONT></DIV>
> <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>Does IPSec need static IP addresses for the domain
> isolation stuff?&nbsp; If so that could be a deciding factor right there.&nbsp;
> Our users have to "sync with Active Directory" because they are out in the field
> all the time (often times more than six hours away from the nearest office) and
> they may need to change their password, or start using a spare laptop that does
> not already have their profile/account loaded if their other laptop
> breaks.&nbsp; Really, there are a number of things that might require them to
> connect to Active Directory.</FONT></DIV>
> <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>I too would prefer a PPTP VPN, my problem here is
> that I can't seem to find a way to make the VPN connection automatic or
> demand-dialed from XP, and my users have difficulty when they do have to use
> it.&nbsp; Really what I want is a VPN client that looks like an ethernet adapter
> and is completely invisible to my users, but I got no traction looking for this
> solution so I am having to think laterally...</FONT></DIV>
> <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
> <DIV><FONT face=Arial size=2>Wells</FONT></DIV>
> <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
> <BLOCKQUOTE dir=ltr
> style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
> <DIV>"Robert L [MVP - Networking]" &lt;<A
> href="private.php?do=newpm&u=">noreply@hotmail. com</A>&gt; wrote in message
> <A
> href="news:O$(E-Mail Removed)"> news:O$(E-Mail Removed)</A>...</DIV>
> <DIV>I beleive PPTP VPN is better in this case because the IPSec need static
> IP (in most cases). Why do you want to sync with Active Directory? Normally,
> our clients using VPN&nbsp;without synchronizing with Active Directory should
> be able to access most VPN resources.</DIV>
> <DIV><FONT face=Arial size=2></FONT><FONT face=Arial size=2></FONT><BR>Bob
> Lin, MS-MVP, MCSE &amp; CNE<BR>Networking, Internet, Routing, VPN
> Troubleshooting on <A
> href="http://www.ChicagoTech.net">http://www.ChicagoTech.net</A> <BR>How to
> Setup Windows, Network, VPN &amp; Remote Access on <A
> href="http://www.HowToNetworking.com">http://www.HowToNetworking.com</A>
> </DIV>
> <BLOCKQUOTE
> style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
> <DIV>"Wells Caughey" &lt;<A
> href="private.php?do=newpm&u=">wellscaughe (E-Mail Removed)</A>&gt;
> wrote in message <A
> href="news:(E-Mail Removed)">n ews:(E-Mail Removed)</A>...</DIV>Hello
> everyone,<BR><BR>The vast majority of my company's users work out in the
> field and rarely, if <BR>ever, come in to a branch office.&nbsp; Now there
> are times when these users need <BR>to access a file server or thier laptop
> needs to sync with Active Directory. <BR>I was thinking that I would let
> them connect to the corporate network via a <BR>VPN, but it turns out there
> is not way to setup Windows XP to demand-dial a <BR>VPN or have a permanent
> VPN connection to the corporate network, and our <BR>users get confused and
> frustrated about having to manually connect the VPN.<BR><BR>My question here
> is, should I continue with the VPN strategy, or should I <BR>switch gears
> and make the domain controllers visible on the Internet and use <BR>IPSEC to
> retstrict access to only domain computers?&nbsp; Or is there a third way
> <BR>that I don't even know about?<BR><BR>I'd apprecate any advice,<BR>Wells
> <BR><BR></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML>
>
> ------=_NextPart_000_000A_01C72B33.B7087620--

Yes, I have tried the "Log on using a Dial-Up connection," but my users are not technically savvy and I still get support calls because they don't remember to use it. This is why I want something invisible to them and automatic. I am really surprised that Microsoft doesn't have other customers in the same situation...

Wells

"Robert L [MVP - Networking]" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
Have you tried "Use log on using Dial-Up connection"?

logon VPN How to authenticate a remote client to the DC How to limit VPN user logon time VPN logon using NT logon ID and password. Use log on using Dial-Up connection. ...
http://www.chicagotech.net/logonvpn.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Wells Caughey" <(E-Mail Removed)> wrote in message news:%(E-Mail Removed)...
Robert,

Does IPSec need static IP addresses for the domain isolation stuff? If so that could be a deciding factor right there. Our users have to "sync with Active Directory" because they are out in the field all the time (often times more than six hours away from the nearest office) and they may need to change their password, or start using a spare laptop that does not already have their profile/account loaded if their other laptop breaks. Really, there are a number of things that might require them to connect to Active Directory.

I too would prefer a PPTP VPN, my problem here is that I can't seem to find a way to make the VPN connection automatic or demand-dialed from XP, and my users have difficulty when they do have to use it. Really what I want is a VPN client that looks like an ethernet adapter and is completely invisible to my users, but I got no traction looking for this solution so I am having to think laterally...

Wells

"Robert L [MVP - Networking]" <(E-Mail Removed)> wrote in message news:O$(E-Mail Removed)...
I beleive PPTP VPN is better in this case because the IPSec need static IP (in most cases). Why do you want to sync with Active Directory? Normally, our clients using VPN without synchronizing with Active Directory should be able to access most VPN resources.

Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
"Wells Caughey" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
Hello everyone,

The vast majority of my company's users work out in the field and rarely, if
ever, come in to a branch office. Now there are times when these users need
to access a file server or thier laptop needs to sync with Active Directory.
I was thinking that I would let them connect to the corporate network via a
VPN, but it turns out there is not way to setup Windows XP to demand-dial a
VPN or have a permanent VPN connection to the corporate network, and our
users get confused and frustrated about having to manually connect the VPN.

My question here is, should I continue with the VPN strategy, or should I
switch gears and make the domain controllers visible on the Internet and use
IPSEC to retstrict access to only domain computers? Or is there a third way
that I don't even know about?

I'd apprecate any advice,
Wells

Jerome,

This looks like exactly what I've been looking for!

Thanks,
Wells

"Jerome Baum" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
>I have an idea of a solution which could work for you, but it uses
> third-party software, so I don't know if you are willing to deploy
> that. Anyway, take a look at OpenVPN (http://openvpn.net/). This can
> run as a service (even with a hidden ethernet adapter so the whole
> thing is transparent to your users) and should thus be suitable for
> your purposes.
>
> You would need to open up one port, but it is your choice which one
> (you are not bound to Microsoft's choice for the port, which is the
> reason why I chose OpenVPN).
>
> Worth taking a look at. If you need help with the configuration, feel
> free to ask - it can be a challenge to get it working at first, but
> once it is working, it is brilliant.
>
> -jerome
>
> Wells Caughey wrote:
>
>> Robert,
>>
>> Does IPSec need static IP addresses for the domain isolation stuff? If
>> so that could be a deciding factor right there. Our users have to "sync
>> with Active Directory" because they are out in the field all the time
>> (often times more than six hours away from the nearest office) and they
>> may need to change their password, or start using a spare laptop that
>> does not already have their profile/account loaded if their other laptop
>> breaks. Really, there are a number of things that might require them to
>> connect to Active Directory.
>>
>> I too would prefer a PPTP VPN, my problem here is that I can't seem to
>> find a way to make the VPN connection automatic or demand-dialed from XP,
>> and my users have difficulty when they do have to use it. Really what I
>> want is a VPN client that looks like an ethernet adapter and is
>> completely invisible to my users, but I got no traction looking for this
>> solution so I am having to think laterally...
>>
>> Wells
>>
>> "Robert L [MVP - Networking]" <(E-Mail Removed)> wrote in message
>> news:O$(E-Mail Removed)...
>> I beleive PPTP VPN is better in this case because the IPSec need static
>> IP (in most cases). Why do you want to sync with Active Directory?
>> Normally, our clients using VPN without synchronizing with Active
>> Directory should be able to access most VPN resources.
>>
>> Bob Lin, MS-MVP, MCSE & CNE
>> Networking, Internet, Routing, VPN Troubleshooting on
>> http://www.ChicagoTech.net
>> How to Setup Windows, Network, VPN & Remote Access on
>> http://www.HowToNetworking.com
>> "Wells Caughey" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>> Hello everyone,
>>
>> The vast majority of my company's users work out in the field and
>> rarely, if
>> ever, come in to a branch office. Now there are times when these
>> users need
>> to access a file server or thier laptop needs to sync with Active
>> Directory.
>> I was thinking that I would let them connect to the corporate network
>> via a
>> VPN, but it turns out there is not way to setup Windows XP to
>> demand-dial a
>> VPN or have a permanent VPN connection to the corporate network, and
>> our
>> users get confused and frustrated about having to manually connect
>> the VPN.
>>
>> My question here is, should I continue with the VPN strategy, or
>> should I
>> switch gears and make the domain controllers visible on the Internet
>> and use
>> IPSEC to retstrict access to only domain computers? Or is there a
>> third way
>> that I don't even know about?
>>
>> I'd apprecate any advice,
>> Wells
>>
>>
>> ------=_NextPart_000_000A_01C72B33.B7087620
>> Content-Type: text/html; charset=Windows-1252
>> Content-Transfer-Encoding: quoted-printable
>> X-Google-AttachSize: 4277
>>
>> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
>> <HTML><HEAD>
>> <META http-equiv=Content-Type content="text/html; charset=windows-1252">
>> <META content="MSHTML 6.00.5730.11" name=GENERATOR>
>> <STYLE></STYLE>
>> </HEAD>
>> <BODY bgColor=#ffffff>
>> <DIV><FONT face=Arial size=2>Robert,</FONT></DIV>
>> <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
>> <DIV><FONT face=Arial size=2>Does IPSec need static IP addresses for the
>> domain
>> isolation stuff?&nbsp; If so that could be a deciding factor right
>> there.&nbsp;
>> Our users have to "sync with Active Directory" because they are out in
>> the field
>> all the time (often times more than six hours away from the nearest
>> office) and
>> they may need to change their password, or start using a spare laptop
>> that does
>> not already have their profile/account loaded if their other laptop
>> breaks.&nbsp; Really, there are a number of things that might require
>> them to
>> connect to Active Directory.</FONT></DIV>
>> <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
>> <DIV><FONT face=Arial size=2>I too would prefer a PPTP VPN, my problem
>> here is
>> that I can't seem to find a way to make the VPN connection automatic or
>> demand-dialed from XP, and my users have difficulty when they do have to
>> use
>> it.&nbsp; Really what I want is a VPN client that looks like an ethernet
>> adapter
>> and is completely invisible to my users, but I got no traction looking
>> for this
>> solution so I am having to think laterally...</FONT></DIV>
>> <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
>> <DIV><FONT face=Arial size=2>Wells</FONT></DIV>
>> <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
>> <BLOCKQUOTE dir=ltr
>> style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px;
>> BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
>> <DIV>"Robert L [MVP - Networking]" &lt;<A
>> href="private.php?do=newpm&u=">noreply@hotmail. com</A>&gt; wrote in
>> message
>> <A
>>
>> href="news:O$(E-Mail Removed)"> news:O$(E-Mail Removed)</A>...</DIV>
>> <DIV>I beleive PPTP VPN is better in this case because the IPSec need
>> static
>> IP (in most cases). Why do you want to sync with Active Directory?
>> Normally,
>> our clients using VPN&nbsp;without synchronizing with Active Directory
>> should
>> be able to access most VPN resources.</DIV>
>> <DIV><FONT face=Arial size=2></FONT><FONT face=Arial
>> size=2></FONT><BR>Bob
>> Lin, MS-MVP, MCSE &amp; CNE<BR>Networking, Internet, Routing, VPN
>> Troubleshooting on <A
>> href="http://www.ChicagoTech.net">http://www.ChicagoTech.net</A>
>> <BR>How to
>> Setup Windows, Network, VPN &amp; Remote Access on <A
>>
>> href="http://www.HowToNetworking.com">http://www.HowToNetworking.com</A>
>> </DIV>
>> <BLOCKQUOTE
>> style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px;
>> BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
>> <DIV>"Wells Caughey" &lt;<A
>>
>> href="private.php?do=newpm&u=">wellscaughe (E-Mail Removed)</A>&gt;
>> wrote in message <A
>>
>> href="news:(E-Mail Removed)">n ews:(E-Mail Removed)</A>...</DIV>Hello
>> everyone,<BR><BR>The vast majority of my company's users work out in
>> the
>> field and rarely, if <BR>ever, come in to a branch office.&nbsp; Now
>> there
>> are times when these users need <BR>to access a file server or thier
>> laptop
>> needs to sync with Active Directory. <BR>I was thinking that I would
>> let
>> them connect to the corporate network via a <BR>VPN, but it turns out
>> there
>> is not way to setup Windows XP to demand-dial a <BR>VPN or have a
>> permanent
>> VPN connection to the corporate network, and our <BR>users get
>> confused and
>> frustrated about having to manually connect the VPN.<BR><BR>My
>> question here
>> is, should I continue with the VPN strategy, or should I <BR>switch
>> gears
>> and make the domain controllers visible on the Internet and use
>> <BR>IPSEC to
>> retstrict access to only domain computers?&nbsp; Or is there a third
>> way
>> <BR>that I don't even know about?<BR><BR>I'd apprecate any
>> advice,<BR>Wells
>> <BR><BR></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML>
>>
>> ------=_NextPart_000_000A_01C72B33.B7087620--
>