I've got my website restricting access by Client Certificates using a standalone CA.
Now I want to enforce client certificates for external users but allow internal users to connect directly so that I can restrict certain folders to authorised users only. I don't necessarily need the certificate to log the user in but just stop others accessing the pages.
This will reduce the number of certificates that need to be managed.
Is there anyway to do this - Does IIS have the same concept of require-valid-user that Apache has?
Thank you for any advice / help given