No announcement yet.
  • Filter
  • Time
  • Show
Clear All
new posts

  • VPN Conentrator

    Is the username and password required or can I just the MAC Whitelist to authenticate phones.

    It appears to me that a MAC Whitelist just provides two factor authentication.

    If usernames are required, can I just configure one username and password in the 4500 database and just provide the same to each user?


  • #2
    The Username and Password are nessary and are great for refrencing the users when looking at the active stunnel's.

    For what it is worth I personally think if you have a firewall/proxy of some sort in front of the wan interface of the concentrator and only allow port (443) through is good enough.The white list is all good but these days if someone wants in and the gate is wide open and we are depending on a layer 2 security to stop them it is most likely to late.

    Also i would change the VPN port of the ShoreTel concentrator to be some thing other then 443 that is if you have a office VPN that these users will be using as well. most likely the users home router will not allow both the phone and the pc to build a tunnel using the same port.

    Make sure your users don't connect there PC through the phone's if planing on using there office VPN on these PC's.

    Hope this helps
    Last edited by JMozee; 02-14-2010, 09:54 PM.