Re: Windows XP to Windows XP VPNs?

Thanks Bill,

I think I understand it more clearly now...

So in the case of Windows XP to Windows XP, if the
firewalls were configured to allow Remote Desktop port
access only on a second static IP private address, whose
network compenent was common between the two machines, the
packets will find their way through the VPN running on the
Internet betweeen them?

- Eric

>-----Original Message-----
> The situation is that there are two possible routes
between the two
>machines. The route which is used depends on the IP
address used. The
>problem (as you suggested) is how you force the
application to use the
>private IP address (which will be encrypted and encapsulated).
>
> The usual method is to make sure that the firewalls on
the machines will
>block the file sharing ports. This will block file sharing
directly over the
>Internet. It will not block file sharing across the VPN.
The reason for this
>is that,when it passes through the firewall, the VPN data
is encrypted and
>encapsulated. The firewall only sees the "wrapper", not
the encrypted data.
>
>Eric wrote:
>> By "VPN-independent" I mean VPN server-independent of
>> course - ie. the notebook's apps are on another IP address
>> because the gateway VPN server is in a seperate box.
>>
>> But asssuming the KB article does apply to Windows XP,
>> could SP2's firewall be used to make the distinction, while
>> keeping its VPN server port open to the Internet? If so, is
>> there an easy way for end users to switch between firewall
>> configs as the VPN goes up and down?
>>
>> Thanks,
>> - Eric
>>> -----Original Message-----
>>> If a VPN is created between two Windows XP notebooks
>>> connected through different ISPs, will all packets sent for
>>> them in the clear (and not over the VPN) as indicated by
>>> Microsoft concerning VPN clients at
>>>
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/9f6ec678-14ad-48d3-9191-8864fd91a6fd.mspx
>>>
>>> If so, is there any way to force end user applications to
>>> only use a local 10.x.x.x IP address, thus forcing the
>>> traffic over the VPN and not the Internet connection
>>> between the two Windows XP notebooks? Or does this routing
>>> problem mandate the use of a distinct VPN server (Windows
>>> 2003) to create a VPN-independent destination at the server
>>> end?
>>>
>>> Thanks,
>>> - Eric
>>> .
>
>
>.
>
.

Relevant Pages

  • Re: Guide to secure installtion of IIS 5
    ... don't forget a well-configured firewall. ... Do not put the computer onto the network or the Internet until after the ... Follow the instructions for hardening Windows and IIS at ... Install all service packs and security fixes from Microsoft and otherwise ...
    (microsoft.public.inetserver.iis.security)
  • Re: login attempts
    ... > Every day i have on my win2000 iternet server a lots of wrong login ... Windows by default allows ... You also need a firewall. ... the internet, except for those ports you know you're using. ...
    (microsoft.public.win2000.security)
  • Re: SP2 problem connecting to web after instal
    ... > I've just installed SP2 after downloading all Windows updates first. ... > installed from CD after checking with Microsoft that I didn't have any ... > As soon as it finished installing, I disabled their firewall, as I ... > I've checked my Internet settings which seem OK. ...
    (microsoft.public.windowsxp.general)
  • Re: password protection
    ... and cable] and should really consider Windows 2000 / XP. ... sure you're also running antivirus and firewall, ... Internet] to bypass this security. ...
    (microsoft.public.security)
  • Re: Will computers ever be as simple and reliable as a refrigerator?
    ... The problem is that a refrigerator does ONE thing.. ... Your computer is not connected to the Internet. ... using Windows XP "prettifications". ... Why you should use a computer firewall.. ...
    (microsoft.public.windowsxp.help_and_support)
Loading