|
Posted by Roger Abell [MVP] on January 25, 2007, 10:35 am
If you were Registered and logged in, you could reply and use other advanced thread options
is based on the account that is accessing, not the machine from
which the access originates.
You mentioned cert vs kerberos, but not whether you are
sure you are not forcing encryption of entire packet content,
which could be part of a slowing.
> It's slow also ipsec with kerberos.
> The server and the client is on test environment on Vmware GSX Server
> connected on wireless network.
> Probably my conf is wrong...
> The parameter of security option doesn't help me?
> Can I set the parameters of network access that helps me? What?
> Thanks
> Marianna
>
>> Have you tried IPsec based on Kerberos instead of certs,
>> and are you sure whether the slowing you mention is due
>> to having defined encryption of the entire packet to happen
>> instead of only enforcing a secure IPsec asssociation for
>> the traffic? At this time, using IPsec is the industry defined
>> way to ascertain the endpoints in a network exchange.
>>
>>> Hi,
>>> is it possible to use the certificate, created from my CA (generated on
>>> Windows 2003 Server Enterprise - CA Standalone or CA integrated with
>>> AD), to access to network shares so that I am sure that the pc connected
>>> is really that pc ?
>>> And I can disable the possibility that anyone, knowing the user
>>> credential, with a pc not authorized, can to be connect to network
>>> shares ?
>>> I cannot use the smart card for now and, configuring the network to use
>>> IPsec and certificate, is very very slow the access to the network
>>> shares.
>>>
>>> That one I ask, is it possible?
>>> If yes, there is any documentation?
>>>
>>> Thanks
>>> Marianna
>>>
>>
>>
>
>
| 
XML site map