Re: Internet through VPN
- From: "Matabra" <Matabra@xxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 14 Aug 2008 13:55:18 +0100
Well why would the users want to change the option?
Its still going to be much faster for them to access the internet locally.
I think this is a training thing more than a technical requirement. You wont be able to do anything on the SBS server, as you need your VPN Clients to connect to it.
Set the option and monitor their use. If needsbe take disciplinary measures. But a technical solution to this will most probably be overkill
Regards,
Matt
"Thomas Raasch" <nospam@xxxxxxxxxx> wrote in message news:err6Kwg$IHA.1224@xxxxxxxxxxxxxxxxxxxxxxx
Hi Matt,.
thanks for your reply,
"Matabra" <Matabra@xxxxxxxxxxxxxxxxxxxx> schrieb im Newsbeitrag news:eZimnQg$IHA.4032@xxxxxxxxxxxxxxxxxxxxxxxHi,
Do you want your clients to be able to access the internet at the same time as they are connected through the VPN?
yes, it would be very nice
some clients connect to the VPN and then stay connected for hours... it would be bad when the internet won't work in this time
However, as a last possibility this would be an option for me
before they use the SBS site internet it's better they can't use no internet at all
what options do i have to set to disable all the internet?
Is there any specific reason you dont want them using the internet connection at the SBS site?
on one hand it's a bandwith-problem - e.g. when 3 clients try to get windows-updates through the vpn and at the same time 2 other clients make some downloads and so on and so on...
The internet connection at the SBS site is like 16 MBit download and only 1 MBit upload. This is already a bottleneck - even when no client do some downloads
on the other hand there are some "law-problems" - e.g. some vpn-client-users do illegal things like sharing copyrighted music (edonkey or torrent) or they download some illegal pornographic stuff or they post some anti-semitic in official forums or something like this
if 1 week later the police knocks on my door i will be the one who has to explain and to evidence
One way you could do it , (depending on your external firewall at the SBS site) would be to block traffic coming from the VPN clients,
till now there is no firewall on the SBS site except the builtin-one in the router. This router-firewall can not be configured... you can only activate or deactivate it.
Maybe i can use a software-firewall on the sbs-machine? Do you have any suggestions?
Otherwise , send out a new VPN Config file with the "use remote gateway" unchecked and they will use their own gateway.
this would be possible but maybe some users have a little knowledge on networking and can handle google - they would easiely find this option and set it back to its default...
So the only real way is to block internet through vpn, am i right?
Regards,
Thomas
- Follow-Ups:
- Re: Internet through VPN
- From: Thomas Raasch
- Re: Internet through VPN
- References:
- Internet through VPN
- From: Thomas Raasch
- Re: Internet through VPN
- From: Matabra
- Re: Internet through VPN
- From: Thomas Raasch
- Internet through VPN
- Prev by Date: Re: Internet through VPN
- Next by Date: Re: SBS 2003 Misconfigured?
- Previous by thread: Re: Internet through VPN
- Next by thread: Re: Internet through VPN
- Index(es):
Relevant Pages
|
