Security Basics mailing list archives
Re: Risk from VPN client connections from enterprise network
From: gazwj () fastmail fm
Date: 9 May 2006 09:10:37 -0000
Yes you would appear "locally" connected via the VPN to the suppliers server. The server could not however initiate new connections to you once the VPN is torn down. The best solution would be a single static VPN tunnel that your workstations could use, just in the interest of central management. That aside you basically need personal firewalls on all the workstations that will VPN. Leave only essential ports open to that VPN interface. Also check whichever firewall you use does its filtering AFTER the vpn link is unbundled. (You may find during testing that you have some connectivity issues with all that NAT'ing going on too)
Current thread:
- Risk from VPN client connections from enterprise network Dan Lynch (May 08)
- RE: Risk from VPN client connections from enterprise network Mehmet Buyukozer (May 10)
- <Possible follow-ups>
- Re: Risk from VPN client connections from enterprise network daleriver (May 09)
- Re: Risk from VPN client connections from enterprise network gazwj (May 09)