RE: Allowing secure external access.

["Tim - IBL" <timv () iceburnslair com>]

I know with smoothwall, which is where ipcop has it;s roots, it's a
freeswan ipsec.  There are utilities out there (there used to be a
"clients" page www.freeswan.org I think) that can let you connect in.

Googling for "freeswan client" and possibly win2k or XP would get you
some hits, but this might help http://vpn.ebootis.de/ .

-t

-----Original Message-----
From: Shaolin Tiger [mailto:shaolin () shaolin-tiger com] 
Sent: Monday, October 28, 2002 1:27 PM
To: security-basics () securityfocus com
Subject: Allowing secure external access.

Hi all,

Just a quick query really..I'm pretty new to allowing people to come in
from
outside, I usually spend most of my time trying to stop them ;)

I need to allow access to our internal database and application to the
sales
manager who spends all his time outside..

I have an IPCop firewall which I believe has some VPN support, but only
supports end to end connections, like 1 IPCop box to another, as far as
I
can understand from reading the docs.

I know in 2k and XP you can choose VPN when creating a new connection in
network settings and enter a server IP but I don't think this would work
with the IPCop machine.

The sales guy will be using an XP laptop.

The other option I thought of is having a dedicated machine inside using
VNC
or something and a port forward, but I don't think this is very secure.

We do have terminal services on our PDC but it is allready overloaded
and I
wouldn't wish to put this extra burden on it...it may just give up.

What other options do I have? Preferably free, or cheap and secure to
put my
mind at rest opening up a hole in the firewall.

Any suggestions appreciated.

Shaolin

.: http://www.security-forums.com :.

         Share your knowledge
          It's a way to achieve
                Immortality.