Restricting Ports VPN Users Can Access

Restricting Ports VPN Users Can Access

NewsGroups | Search | Tools
 comp.dcom.vpn  Post an article  get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content  add this group's latest topics to your Google content  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
Restricting Ports VPN Users Can Access zacware 10-11-2007
Posted by on October 11, 2007, 3:13 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Our problem is that we currently have a VPN setup on our own for use
by our IT department. And It works great.

The current problem though is that now we want our new outside sales
force of 5 to be able to VPN in, and if they do VPN in, I only want
them to have access to a very limited set of ports (HTTP, POP, SMTP,
maybe a few others)

Our firewall sits in front of our VPN, so once someone VPN's in, they
have full access to every port. We don't want that.

We are stuck in that we've been unable to find an easy solution that
will let us restrict VPN users to a limited set of ports once they log
in.

Any Help is Appreciated. Thanks!


home networking made easy, greater protection, less stress, introducing nm 5.0, 728x90
Posted by Lutz Donnerhacke on October 11, 2007, 4:08 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
* zacware@mac.com wrote:
> The current problem though is that now we want our new outside sales
> force of 5 to be able to VPN in, and if they do VPN in, I only want
> them to have access to a very limited set of ports (HTTP, POP, SMTP,
> maybe a few others)

Every VPN box should be able to apply per user restrictions.
Consult your manual.

Posted by Mike Drechsler - SPAM PROTECTE on October 12, 2007, 3:15 am
If you were  Registered and logged in, you could reply and use other advanced thread options
zacware@mac.com wrote:
> Our problem is that we currently have a VPN setup on our own for use
> by our IT department. And It works great.
>
> The current problem though is that now we want our new outside sales
> force of 5 to be able to VPN in, and if they do VPN in, I only want
> them to have access to a very limited set of ports (HTTP, POP, SMTP,
> maybe a few others)
>
> Our firewall sits in front of our VPN, so once someone VPN's in, they
> have full access to every port. We don't want that.
>
> We are stuck in that we've been unable to find an easy solution that
> will let us restrict VPN users to a limited set of ports once they log
> in.
>
> Any Help is Appreciated. Thanks!

You should be able to use the firewall features built into your VPN
server to set a policy on the tunnel traffic.

--
WARNING! Email address has been altered for spam resistance.
Please remove the -deletethispart-. section before replying directly.
Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)

Similar ThreadsPosted
Netscreen(5GT) VPN access for remote Microsoft XP/2000 users May 10, 2005, 12:20 pm
VPN ports June 2, 2005, 1:19 am
How to set up login scripts for VPN users April 5, 2007, 4:14 pm
Dlink IKE VPN - Blocked Ports??? January 4, 2007, 9:23 pm
Ports to open to the firewall (Hide Nat, Cisco VPN) June 3, 2005, 10:48 am
VPN works through wired ports, but with wireless VPN connection not working February 24, 2005, 6:39 am
Event ID 2 reason-code 262 I cant authentica wifi users to widnows 2003 radius via Cisco 4400 Controller. Please help October 25, 2007, 11:15 pm
[HIDE LAN] How to hide a part of hosts into the Lan to at VPN users? April 4, 2005, 10:45 am
[HIDE LAN] Hide a part of hosts into the LAN at VPN users? April 4, 2005, 10:48 am
VPN and Local access June 30, 2005, 11:09 am

other useful resources:
The Federal Communications Commission (FCC)
Telecommunications Industry Association
Electronic and Software Security Products and Services
International Telecommunication Union

Custom CGI Perl and PHP programming by 1-Script.com

Contact Us | Privacy Policy
The site map in XML format XML site map