Security Basics mailing list archives

RE: VPN Client and Local Service


From: <LordInfidel () directionweb com>
Date: Mon, 13 Dec 2004 15:12:31 -0500

Well, it sounds like they are a quarter right.

If each client machine is making a unique connection to the remote VPN,
and your VPN connection is firewalled (meaning the only traffic that is
allowed out of your network card is to the VPN, no local traffic is
allowed), then yes, you will not be able to print to your local network
printer.

There are only 2 ways (not really, but it sounds good) to solve this:

1. Your IT staff will need to make a network to network vpn tunnel.
2. Your IT staff will need to relax the restrictions put on your network
adapter when it connects to the vpn.

Why will they probably not do either of the above?

They probably do not trust your network enough to allow unbridled
NetBIOS traffic thru to their network.  In which case, I would do the
same thing they are doing.

If this is the case, then the best solution would be for users on your
network to use webmail from the Exchange server via HTTPS (otherwise
known as OWA).  If they are using Exchange 5.5 the OWA interface really
sucks.  If it is Exchange 2003, the interface is pretty rockin and acts
just like Outlook.

OR

(again if corp. is using Exchange 2003) they buy Office 2003/Outlook
2003 licenses and connect your Outlook clients to the Exchange server
using RPC over HTTPS.  This does not require a VPN session and is still
secure, and allows you to use Outlook instead of OWA.

LordInfidel

-----Original Message-----
From: John Cooper [mailto:jc20041212 () yahoo com] 
Sent: Sunday, December 12, 2004 10:07 PM
To: security-basics () lists securityfocus com
Subject: VPN Client and Local Service

Dear all,
 
We have a LAN and use VPN to connect to a remote Exchange server in the
back office (we are the client side).  As soon as the connection is set
up, the local computer will get one IP address assigned by the remote
server.  Afterwards all the local computers could not print because the
IP address of the local printer is in a different range.
 
Both our IT admins in two offices said this problem is not possible to
solve, which means if we need to send and receive email, we need to
build up the VPN connection and if we need to print we have to
disconnect. As for our normal users the situation is really ridiculous.
Is it really so difficult to solve the problem?
 
Thanks,
JC
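
The behaviour discussed in this thread, as an added example that is not
part of either message: a small Python model of a VPN client whose
adapter policy permits only the VPN gateway, next to the relaxed policy
that also permits the local subnet. All addresses and function names
are constructed for illustration.

```python
import ipaddress

# Constructed sample addressing (assumptions, not taken from the thread).
LOCAL_LAN = ipaddress.ip_network("192.168.1.0/24")   # office LAN with the printer
PRINTER = ipaddress.ip_address("192.168.1.50")
VPN_GATEWAY = ipaddress.ip_address("203.0.113.10")   # remote VPN endpoint
EXCHANGE = ipaddress.ip_address("10.20.0.25")        # mail server behind the VPN
DEFAULT = ipaddress.ip_network("0.0.0.0/0")
GATEWAY_HOST = ipaddress.ip_network(f"{VPN_GATEWAY}/32")


def build_policy(allow_local_lan):
    """Return (routes, adapter_allow) for a connected VPN client.

    routes: (network, interface) pairs, resolved by longest prefix match.
    adapter_allow: networks the physical adapter may still reach directly.
    """
    routes = [
        (DEFAULT, "tunnel"),        # everything else goes into the tunnel
        (GATEWAY_HOST, "physical"), # the tunnel itself needs the real adapter
        (LOCAL_LAN, "physical"),    # connected route for the office subnet
    ]
    adapter_allow = [GATEWAY_HOST]
    if allow_local_lan:
        # Relaxed policy: the client firewall also permits the local subnet.
        adapter_allow.append(LOCAL_LAN)
    return routes, adapter_allow


def egress(dest, policy):
    """Return 'tunnel', 'physical' or 'blocked' for a packet to dest."""
    routes, adapter_allow = policy
    matches = [(net, ifc) for net, ifc in routes if dest in net]
    _, ifc = max(matches, key=lambda m: m[0].prefixlen)
    if ifc == "physical" and not any(dest in net for net in adapter_allow):
        return "blocked"  # route exists, but the adapter firewall drops it
    return ifc


def report(policy):
    """Map each sample destination to the path its traffic takes."""
    targets = [("printer", PRINTER), ("exchange", EXCHANGE),
               ("vpn_gateway", VPN_GATEWAY)]
    return {name: egress(addr, policy) for name, addr in targets}


if __name__ == "__main__":
    print("locked down:", report(build_policy(allow_local_lan=False)))
    print("relaxed    :", report(build_policy(allow_local_lan=True)))
```

With the relaxed policy the whole local subnet, not just the printer,
can talk to a machine that is also inside the tunnel, which is the
trust question raised in the reply.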




                