Hello All,

I want to limit which users attempting to login to our VPN
can authenticate.

I have the Following setup:
Cisco VPN --> Radius Server --> BM <-> NDS

The Radius Server/BM is also used for dial authentication therefore it

everyone on the network must be allowed authenticate (when they're athome, etc)..

Currently, everyone in the NDS tree can authenticate through the VPN
(which we don't want)... There is a Dial Access Profile placed at thetop of each container...

How can I limit the use of the VPN? Will this require the use of theLPO? or will this much simpler? Am I anywhere near the right track?

Any insight is appreciated.

Thanks in advance...