13 Aug
2024
13 Aug
'24
6:24 p.m.
Is it possible to, and (if yes) has anyone had experience with setting up an extra listener that requires client certs.
The problem I've got is I still need to support Outlook clients. Fortunately these are located in fixed locations on desktop computers.
Meanwhile, I would like to harden the configuration for road warriors who are all using devices and OSs that play nicer with client certs than Outlook does (well, Outlook doesn't play at all !).
So I was thinking of opening 993 on a seperate IP address with that listener requiring client certificates.
The alternative is, of course a VPN, which is still under consideration as an option. But even then, with the security onion, I'd still rather have both .... :)