... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

comp.dcom.vpn

VPN protocols, clients, awesomeness

2,348 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 1,299 of 2,348

Mike Drechsler - SPAM PROTECTED EMA to Lei Hu

Re: W2k3 server with only one network ca

28 Oct 04 07:19:19

   From: mike-newsgroup@-DELETETHISPART-.upcraft.com   
      
   Lei Hu wrote:   
   > Thanks Mile!! Because we've already had a router, and no need to use the   
   > server as router. So, our one NIC solution is technically ok and safe, isn't   
   > it?   
   >   
   > "Mike Drechsler - SPAM PROTECTED EMAIL"   
   >  wrote in message   
   > news:cX%fd.3471298$ic1.354320@news.easynews.com...   
   >   
   >>Lei Hu wrote:   
   >>   
   >>>Hi there,   
   >>>   
   >>>I learnt from documents that to run VPN on a win2k/2k3 server, it needs   
   >>>two network cards: one connected to the Internet, and one to the LAN.   
   >>>That's fine, and I understand this. However, our 2k3 server has only one   
   >>>NIC, and we configured the VPN, and it's working fine. Saying that, I'd   
   >>>still like to know if there's any problem (mainly security issues I   
   >>>guess) with this solution. Hope your Experts can explain to me. Thanks!   
   >>>   
   >>>This is what we have. We have about 20 machines with one win2k3 server,   
   >>>all networked. The server functions as the domain controller, terminal   
   >>>server, file server, etc.. And we have an ADSL modem with built in router   
   >>>for the broadband connection. I think this is a typical network structure   
   >>>in today's small businesss company.   
   >>>   
   >>>Now we have a new branch in a different suburb, and people there would   
   >>>like to access the data and use the terminal service in the main branch.   
   >>>So we configured the 2k3 server to add VPN services. We then modified the   
   >>>modem/router configuration to open the VPN port (actually, this is the   
   >>>only port opened). Everything is working fine to me. But back to my   
   >>>question above, is there any security pitfall with this? Or, do you guys   
   >>>have any other smarter ideas to achieve this?   
   >>>   
   >>>Thanks!!   
   >>>   
   >>>Lei   
   >>   
   >>This setup is fine.  You usually need 2 network cards if the server is   
   >>providing the internet accesss to the rest of the network (acting as the   
   >>router).   
   >>   
   >>   
   >>   
   >>--   
   >>WARNING!  Email address has been altered for spam resistance.   
   >>Please remove the -deletethispart-. section before replying directly.   
   >>Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)   
      
   It's safe enough.  You are still trusting that there is no vulnerability   
   in that protocol that a hacker could exploit but you would be doing that   
   in either configuration.   
      
   --   
   WARNING!  Email address has been altered for spam resistance.   
   Please remove the -deletethispart-. section before replying directly.   
   Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]