Re: RRAS configuration

There are lots of different opinions and it depends a bit on how your
network is configured.

My personal opinion is that if all your network is reachable from the
firewall device and this device is capable of acting as a VPN server, do
that. It is the simplest routing setup because the firewall is already the
default gateway for the LAN.

The only thing that would push me to favour the RRAS server on the LAN
would be if you want the remote clients to authenticate against your Windows
user database.

perfimage wrote:
> I have searched the net for a while and am wondering which is
> considered the "best practice"...punching holes in my linux/shorewall
> firewall, DNATing traffic intended for VPN connections to a Win2k3
> RRAS server behind the firewall or making the linux/shorewall box the
> VPN server and connecting to it then the network behind it.
>
> I have seen both scenarios documented, though there doesn't seem to
> be a clearly defined opinion as to which scenario is preferred.
>
> Thanks.

