home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   comp.dcom.vpn      VPN protocols, clients, awesomeness      2,349 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 1,297 of 2,349   
   Mike Drechsler - SPAM PROTECTED EMA to Lei Hu   
   Re: W2k3 server with only one network ca   
   28 Oct 04 06:01:44   
   
   From: mike-newsgroup@-DELETETHISPART-.upcraft.com   
      
   Lei Hu wrote:   
   > Hi there,   
   >   
   > I learnt from documents that to run VPN on a win2k/2k3 server, it needs two   
   > network cards: one connected to the Internet, and one to the LAN. That's   
   > fine, and I understand this. However, our 2k3 server has only one NIC, and   
   > we configured the VPN, and it's working fine. Saying that, I'd still like to   
   > know if there's any problem (mainly security issues I guess) with this   
   > solution. Hope your Experts can explain to me. Thanks!   
   >   
   > This is what we have. We have about 20 machines with one win2k3 server, all   
   > networked. The server functions as the domain controller, terminal server,   
   > file server, etc.. And we have an ADSL modem with built in router for the   
   > broadband connection. I think this is a typical network structure in today's   
   > small businesss company.   
   >   
   > Now we have a new branch in a different suburb, and people there would like   
   > to access the data and use the terminal service in the main branch. So we   
   > configured the 2k3 server to add VPN services. We then modified the   
   > modem/router configuration to open the VPN port (actually, this is the only   
   > port opened). Everything is working fine to me. But back to my question   
   > above, is there any security pitfall with this? Or, do you guys have any   
   > other smarter ideas to achieve this?   
   >   
   > Thanks!!   
   >   
   > Lei   
      
   This setup is fine.  You usually need 2 network cards if the server is   
   providing the internet accesss to the rest of the network (acting as the   
   router).   
      
      
      
   --   
   WARNING!  Email address has been altered for spam resistance.   
   Please remove the -deletethispart-. section before replying directly.   
   Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca