Firewall Wizards mailing list archives
Re: Opinions on VPN?
From: Andreas Gunnarsson <Andreas.Gunnarsson () emw ericsson se>
Date: Mon, 19 Apr 1999 13:34:07 +0200 (CEST)
On Sat, 17 Apr 1999, Jan B. Koum wrote:
Am I alone in the opinion that VPN mostly suck or is it just because I tend to run into a lot of misconfigured cisco routers which do encrypt data, but also route packets from others into your net :(
I think VPN is a useful tool but you shouldn't allow a VPN through a firewall IMHO. Here is a way to use a VPN: Internal net ----- Firewall ----- external net | VPN-gateway The firewall lets only ipsec (or whatever the VPN is using) through from the outside to the VPN-gateway, and then the firewall can filter the unencrypted traffic that goes to the internal net. If two sites connects this way it should be as secure as the VPN and firewalls. If mobile clients connects to the VPN you have to make sure that the client itself is secure so it can't be used as a way into the VPN via NetBus etc. Andreas ------------------------------------------------------------------------------ Andreas Gunnarsson Nat: 031-7476081 andreas.gunnarsson () emw ericsson se Int: +46 31 7476081 http://www.dd.chalmers.se/~zzlevo/ Fax: 031-7473771
Current thread:
- Opinions on VPN? Jan B. Koum (Apr 18)
- Re: Opinions on VPN? Frederick M Avolio (Apr 19)
- Re: Opinions on VPN? Andreas Gunnarsson (Apr 19)
- Re: Opinions on VPN? Jonathan Poole (Apr 20)
- Re: Opinions on VPN? Rick Smith (Apr 20)
- Message not available
- Re: Opinions on VPN? dreamwvr (Apr 20)
- <Possible follow-ups>
- Re: Opinions on VPN? Ryan Russell (Apr 19)
- Re: Opinions on VPN? Paul M. Cardon (Apr 20)
- RE: Opinions on VPN? Kyle Starkey (Apr 20)
- RE: Opinions on VPN? Litney, Tom (Apr 20)
- Re: Opinions on VPN? Philip S Holt, Security Engineer / Network Engineer (Apr 21)
- RE: Opinions on VPN? John McDonald (Apr 20)
- RE: Opinions on VPN? dreamwvr (Apr 21)