Re: Please help with my lack of understanding

From: Leythos <void@xxxxxxxxxxx>
Date: Wed, 12 Dec 2007 22:15:20 -0500

In article <B4683611-DB9B-4A63-B353-3E7FC951B1C5@xxxxxxxxxxxxx>, x@xxx
says...

Then the trick is not to do what "most people" do ...

I never said to open the firewall to all traffic. When I set something like
this up, I set up the firewall to allow VPN/PPTP/GRE traffic through to the
server, and nothing else.

That's for the actual tunnel, but what about inside the tunnel, does the
TUNNEL once created, provide the user complete access to all IP in the
network? What about ALL ports?

You have your "Firewall" pass VPN/PPTP/GRE to the server, so the server
does the VPN, but, the firewall is not doing the restriction of what the
VPN users can reach, the server, once they get a VPN, is doing the
restriction.

So, once they VPN into the server, do they have ALL ports exposed
to/from the server through the VPN tunnel?

If they do, then it's not at all what I'm talking about for limiting
their access.

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@xxxxxxxxxx (remove 999 for proper email address)
.

Follow-Ups:
- Re: Please help with my lack of understanding
  - From: Charles Lavin

References:
- Please help with my lack of understanding
  - From: t . kinser
- Re: Please help with my lack of understanding
  - From: Charles Lavin
- Re: Please help with my lack of understanding
  - From: t . kinser
- Re: Please help with my lack of understanding
  - From: Leythos
- Re: Please help with my lack of understanding
  - From: t . kinser
- Re: Please help with my lack of understanding
  - From: Charles Lavin
- Re: Please help with my lack of understanding
  - From: Leythos
- Re: Please help with my lack of understanding
  - From: Charles Lavin

Prev by Date: Re: Printing Issue
Next by Date: Re: Please help with my lack of understanding
Previous by thread: Re: Please help with my lack of understanding
Next by thread: Re: Please help with my lack of understanding
Index(es):
- Date
- Thread

Relevant Pages

Re: More on Remote Desktop
... Chances are good, though, that he's already got VPN capabilities on his ... firewall to do it for $100. ... > server at home...or purchase additional/new hardware... ... >> my firewall makes the PPPoE connection to my ADSL ISP. ...
(microsoft.public.windowsxp.network_web)
Re: More on Remote Desktop
... You realize the Remote Desktop data stream is encrypted the same as a PPTP VPN link... ... Unless of course the original poster wants to implement an L2TP/IPSec VPN server at home...or ... > firewall to get between your clients and server on your own LAN. ... > setup so that my firewall makes the PPPoE connection to my ADSL ISP. ...
(microsoft.public.windowsxp.network_web)
Re: VPN Firewall for new webserver
... > I'm setting up a webserver at a colocation and I need to put a VPN ... You're not going to get a quality firewall for that amount, ... and D-Link makes a DI-804HV unit ... users access to the SQL server, let them do it through a VPN session. ...
(comp.security.firewalls)
Re: Cant logon to computer in SBS Domain..
... Does the user can access and log on to the Remote Web Workplace? ... Whether you can connect and log on to the server desktop through RWW? ... On the Firewall page, ensure that Enable firewall is selected. ... About External Firewall VPN ...
(microsoft.public.windows.server.sbs)
Re: Setting up SBS 2000 w/SonicWall Firewall VPN, Need help.
... what I'm tyring to do is simply get our VPN to work. ... installed the sonicwall client software on ... pipe from my home to the firewall. ... how to I access the server so I can send/retrieve data? ...
(microsoft.public.backoffice.smallbiz2000)