RE: Allowing secure external access.

["Russell Morrison" <rmorrison () axys net>]

Have a look at www.expertcity.com for the GoToMyPC product which does
not require you to open up an inbound connection and still requires the
remote user to login to the internal network once they connect using
various passwords.  Pretty cool product.

HTH

Russell

-----Original Message-----
From: Shaolin Tiger [mailto:shaolin () shaolin-tiger com] 
Sent: October 28, 2002 12:27 PM
To: security-basics () securityfocus com
Subject: Allowing secure external access.


Hi all,

Just a quick query really..I'm pretty new to allowing people to come in
from outside, I usually spend most of my time trying to stop them ;)

I need to allow access to our internal database and application to the
sales manager who spends all his time outside..

I have an IPCop firewall which I believe has some VPN support, but only
supports end to end connections, like 1 IPCop box to another, as far as
I can understand from reading the docs.

I know in 2k and XP you can choose VPN when creating a new connection in
network settings and enter a server IP but I don't think this would work
with the IPCop machine.

The sales guy will be using an XP laptop.

The other option I thought of is having a dedicated machine inside using
VNC or something and a port forward, but I don't think this is very
secure.

We do have terminal services on our PDC but it is allready overloaded
and I wouldn't wish to put this extra burden on it...it may just give
up.

What other options do I have? Preferably free, or cheap and secure to
put my mind at rest opening up a hole in the firewall.

Any suggestions appreciated.

Shaolin

.: http://www.security-forums.com :.

         Share your knowledge
          It's a way to achieve
                Immortality.