Re: RDP over VPN Concepts

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 01/22/05

• Next message: S. Pidgorny : "Re: CA's Key on Smart Card Problem"
• Previous message: Steven L Umbach: "Re: Permissions assignment ?"
• In reply to: Frank Lewandowski: "RDP over VPN Concepts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sat, 22 Jan 2005 15:31:13 -0600

I don't know exactly how you have your VPN setup but you can tunnel through
the VPN connection to the lan IP address of the server for RDP or you can
use RDP directly to the web server by opening port 3389 TCP for RDP access.
If you have an existing VPN server that can accept l2tp, that would be the
way to go for best security as only users with trusted computer certificates
could logon to the VPN. If you go the direct port 3389 TCP connection, you
can greatly increase security if your firewall rules will accept incoming
port 3389 from just authorized IP addresses instead of "any". RDP does use
strong encryption by default if using W2K/XP Pro/W2003. Be sure to restrict
which users can connect via RDP and use very strong password for those
accounts. --- Steve

"Frank Lewandowski" <g-u-r-u@despammed.com> wrote in message
news:csrupb$8t8$05$1@news.t-online.com...
> Hello!
>
> I have an IIS 6 Webserver up and running on the internet. Now i want to
> secure it a bit more. The Server is running with IISShield and the IPSec
> Filters i have configured with IPFront.
>
> I could connect the Server over RDP. I want to secure this and set an VPN
> for this connection.
>
> Does anyone of you have concepts, documentations or howto´s?
>
> Kind regards
> Franky
> --
> cygwin FAQ (deutsch): http://guru.wallerbach.de/cygwin/faq.php
> cygwin Linksammlung: http://guru.wallerbach.de/cygwin/

---

• Next message: S. Pidgorny : "Re: CA's Key on Smart Card Problem"
• Previous message: Steven L Umbach: "Re: Permissions assignment ?"
• In reply to: Frank Lewandowski: "RDP over VPN Concepts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: VPN issue on SBS2003 ... I understand that you encountered VPN connection issue when you use VPN to ... Internet clients or VPN to external VPN Server from SBS Client computers? ... Configure E-mail and Internet Connection Wizard ... Total GRE packets sent = 1 ... (microsoft.public.windows.server.sbs) RE: PPTP VPN connection problems ... The problem is that the VPN does not disconnect. ... However after some idle period I can not send packets across the connection. ... A ping to the server would result in "Request timed out". ... If I connect with the VPN client locally to the internet ... (microsoft.public.windows.server.sbs) Re: VPN Ports to Open ... the VPN connection after you change the firewall before SBS. ... On the server, please stop the Routing and Remote Access service. ... Total GRE packets sent = 1 ... (microsoft.public.windows.server.sbs) Re: Windows 2003 VPN Default Gateway Issues ... Ethernet adapter Local Area Connection: ... If the VPN server is configured to use a static IP address ... the default gateway on the client is not the problem. ... (microsoft.public.windows.server.networking) RE: VPN Connectivity issues through LAN ... I understand that you cannot ping SBS after ... you can establish VPN connection from the remote LAN. ... You have to rerun the CEICW to make sure your SBS 2003 server have right ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)