Re: Risk from VPN client connections from enterprise network

From: gazwj@xxxxxxxxxxx
Date: 9 May 2006 09:10:37 -0000

Yes you would appear "locally" connected via the VPN to the suppliers server. The server could not however initiate new connections to you once the VPN is torn down.

The best solution would be a single static VPN tunnel that your workstations could use, just in the interest of central management. That aside you basically need personal firewalls on all the workstations that will VPN. Leave only essential ports open to that VPN interface.
Also check whichever firewall you use does its filtering AFTER the vpn link is unbundled.

(You may find during testing that you have some connectivity issues with all that NAT'ing going on too)

Prev by Date: Re: Patch Management on Critical Servers (Healthcare)
Next by Date: Re: Macintosh OS X Vulnerabilities (anyone out there?)
Previous by thread: Re: Risk from VPN client connections from enterprise network
Next by thread: Sniffing A VPN Router
Index(es):
- Date
- Thread

Relevant Pages

Re: Industry Standard Security and guest wifi access best practice
... with IPSEC VPN clients has not been positive. ... Then they probably won't support other forms of security. ... to switch all connections into SSL mode. ... Use WPA to encrypt wireless traffic, ...
(alt.internet.wireless)
Re: VPN between office and Home
... Hard Drive as my second location backup for my SBS2003. ... On the XP box at home, go to Control Panel -> Network Connections. ... for my second location backup my main server files. ... That is why I want to get a VPN ternnel instead of client VPN or RWW. ...
(microsoft.public.windows.server.sbs)
Re: DNS resolution order with multihomed host
... I'll try with the VPN ... >> public through Internet. ... > connections through PPTP are by private addresses and are encrypted. ... > need to be open for Active Directory. ...
(microsoft.public.windows.server.dns)
Re: Connect two office buildings network together
... VPN is even slower because of the Protocol Overhead. ... DSL and/or CableTV Internet connections are usually asyncronous connections ... (different speeds in each direction) ... All the files are located in our main server. ...
(microsoft.public.windows.server.networking)
Re: router - firewall
... Adzap, VPN, OpenSwan, ... > connections several ways: ... > the connection is to the Terminal Server, ... > We setup most offices with a VPN into a firewall appliance, ...
(microsoft.public.windows.server.sbs)