I have reached the limit of my networking knowledge-- it's time to bring in the guns.
I have two requirements- I'm sure there's many ways to suck this egg, but I have no idea what's best or practical. Hoping somebody can get me pointed in the right direction.
My LAN needs to have two things:
(a) Separate segments/sandboxes to isolate networks/machines. Need at least 3
(b) VPN access to segments must be done on a user/machine level. In other words, if User "x" is assigned to "segment 1" he only gets that segment.
One answer is could be port based authentication- but I am ridiculously unsure how vpn clients articluate the RADIUS or 802.1 authetication to the ports.
Another option could be using Windows2003 RRAS.
I have some familiarity with the Linksys RVS4000 and am certainly open to changing products/vendors/ sloution sets.
Any ideas out there?
I have two requirements- I'm sure there's many ways to suck this egg, but I have no idea what's best or practical. Hoping somebody can get me pointed in the right direction.
My LAN needs to have two things:
(a) Separate segments/sandboxes to isolate networks/machines. Need at least 3
(b) VPN access to segments must be done on a user/machine level. In other words, if User "x" is assigned to "segment 1" he only gets that segment.
One answer is could be port based authentication- but I am ridiculously unsure how vpn clients articluate the RADIUS or 802.1 authetication to the ports.
Another option could be using Windows2003 RRAS.
I have some familiarity with the Linksys RVS4000 and am certainly open to changing products/vendors/ sloution sets.
Any ideas out there?
