Re: Possible security implications when using VPN and XP Client
- From: "John Neystadt [MSFT]" <jney@xxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 25 Apr 2006 02:04:17 +0300
Hi Tommy,
Windows VPN client is not part of ISA, it is part of Windows OS. So this
questions belongs to RAS.
I am not sure I understand your concern. As far as I can see this, there is
not a security hole - if user changes this property, he can achieve the same
would he just disconnected VPN connection - he will be connected back to the
Internet.
---------------------------------------------------------------------------
"This posting is provided "AS IS" with no warranties, and confers no
rights."
"Tommy" <Tommy@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:739A81B0-C405-40DC-AD80-039306F7D39F@xxxxxxxxxxxxxxxx
Hi,
I have set up ISA Server as our VPN server which my remote users access.
On each of the clients (using XP) we use the standard VPN connection that
you can setup from the Network Connections section.
When that connection is setup and the connection is made, this then
restricts browser communications to the local office network only (regular
internet activity stops working unless the Firewall Client is installed)
However, I have discovered that by editing the VPN connection on the
client,
by editing the TCP-IP Advanced properties, I can deselect the "use default
gateway on remote network" option - this then allows internet browsing to
work when connected via to the VPN server.
Is this a security loophole in any way? When I was learning ISA Server, it
was always emphasised that ISA server stops this kind of thing to keep
security tight.
Can anyone shed any light on this?
Thanks
Tommy Addison
.
- Prev by Date: Re: Cisco VPN client connecting trough ISA 2004 - problem
- Next by Date: Re: Cisco VPN client connecting trough ISA 2004 - problem
- Previous by thread: Certificate request problem
- Next by thread: Re: VPN access problem- for new users
- Index(es):
Relevant Pages
|
