Same here - my 2nd port is on my internal network - Run my Radius on the Internal network only. Word of caution: When doing this, you should be aware that your Dial-up users have access to your internal network, so you still have to make sure everything on your network is relatively secure. Because the ARC is a router, it routes between different subnets, particularly between the one for your dial-up users and your internal network. For example: if my internal network is 192.168.1.x, and I have a web site for internal use configured on 192.168.1.10, any dial-up user, regardless of their IP address, can get to 192.168.1.10 just by typing that address into their browser. Probably a way to prevent this, but by default this is the case. - Joel -----Original Message----- From: Lewis Bergman [mailto:lbergman@wtxs.net] Sent: Tuesday, October 29, 2002 12:30 PM To: usr-tc@mailman.xmission.com Subject: Re: [USR-TC] HiperArc configs
Speaking of 2nd ethernet port, I was wondering what are people using that 2'nd port for? Does it need to be in a separate subnet from the other port? I have my second port configured for my private ip space, I have a single user configured for this so that your assigned a static private ip. This way I can get into my server remotely but use tools I might not want to be routable over the internet or do other tasks on my private lan. I also use the private lan to do all radius stuff and snmp and so forth so it isn't on the same network as my customers traffic. -- Lewis Bergman Texas Communications 4309 Maple St. Abilene, TX 79602-8044 915-695-6962 ext 115
_______________________________________________ USR-TC mailing list USR-TC@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/usr-tc