We use a Cisco 3000 series (3005 I think). It authenticates users with AD via IAS (MS Radius). We make users members of appropriate groups to grant access.
You would want to configure some filters to block ports you don't want open. Or rather, block everything and open what you need. Matt Joyce Children's Cancer Institute Australia http://www.ccia.org.au > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Erick Thompson > Sent: Tuesday, 21 September 2004 5:40 AM > To: Exchange Discussions > Subject: RE: LCS and remote users > > Perhaps I do need to spend more time with my VPN software, > and get it configured correctly. I didn't see those options > when I last spend time getting it set up. > > Are all these options available with Win 2k/03 VPNs, or is it > better to use a firewall based VPN? > > Thanks, > Erick > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > Ryan Finnesey > > Sent: Sunday, September 19, 2004 9:31 AM > > To: Exchange Discussions > > Subject: RE: LCS and remote users > > > > The VPN does not need to be wide open. You can have the > VPN operate > > only on port X and only connect to server Y. > > > > > > > > Ryan > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > Erick Thompson > > Sent: Friday, September 17, 2004 7:38 PM > > To: Exchange Discussions > > Subject: RE: LCS and remote users > > > > If you have a remote user infected with virus X, would you > rather them > > have access to your network, or just to port X on server Y? > True, with > > an open port you are more exposed to random hackers, but > I've had far > > far more problems with my remote users downloading viruses, > trojans, > > and other "bad things" then I have with random attacks breaking in. > > > > Erick > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On > Behalf Of > > > Martin Blackstone > > > Sent: Friday, September 17, 2004 4:31 PM > > > To: Exchange Discussions > > > Subject: RE: LCS and remote users > > > > > > So its safer to just open ports? > > > This is like dyslexic security. > > > Open ports = bad. > > > VPN = good. > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf Of > > > Erick Thompson > > > Sent: Friday, September 17, 2004 4:15 PM > > > To: Exchange Discussions > > > Subject: RE: LCS and remote users > > > > > > I really dislike VPNs. They basically tunnel into your network, > > > leaving you quite exposed. Do you know what ports SIP uses? > > > > > > Thanks, > > > Erick > > > > > > > -----Original Message----- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED] On > > Behalf Of > > > > Martin Blackstone > > > > Sent: Friday, September 17, 2004 3:40 PM > > > > To: Exchange Discussions > > > > Subject: RE: LCS and remote users > > > > > > > > I would imagine a VPN. > > > > > > > > -----Original Message----- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED] On > Behalf Of > > > > Erick Thompson > > > > Sent: Friday, September 17, 2004 2:31 PM > > > > To: Exchange Discussions > > > > Subject: LCS and remote users > > > > > > > > I have an LCS Server running for internal IM. I would > > like to give > > > > selected users outside of the firewall access to the LCS > > server, so > > > > they can use our internal IM network. What is the best way > > > to do this? > > > > Proxy? > > > > Open ports (if so, which ones)? > > > > > > > > Thanks, > > > > Erick > > > > > > > > > > > > > _________________________________________________________________ > > > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > > > Web Interface: > > > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > > > ext_mode=&lang > > > > =english > > > > To unsubscribe send a blank email to %%email.unsub%% > > > > Exchange List admin: [EMAIL PROTECTED] > > > > To unsubscribe via postal mail, please contact us at: > > > > Jupitermedia Corp. > > > > Attn: Discussion List Management > > > > 475 Park Avenue South > > > > New York, NY 10016 > > > > > > > > Please include the email address which you have been > > contacted with. > > > > > > > > > > > > > _________________________________________________________________ > > > > List posting FAQ: > http://www.swinc.com/resource/exch_faq.htm > > > > Web Interface: > > > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > > > ext_mode=&lang=english > > > > To unsubscribe send a blank email to %%email.unsub%% > > > > Exchange List admin: [EMAIL PROTECTED] > > > > To unsubscribe via postal mail, please contact us at: > > > > Jupitermedia Corp. > > > > Attn: Discussion List Management > > > > 475 Park Avenue South > > > > New York, NY 10016 > > > > > > > > Please include the email address which you have been > > contacted with. > > > > > > > > > > > > > > > > > _________________________________________________________________ > > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > > Web Interface: > > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > > ext_mode=&lang > > > =english > > > To unsubscribe send a blank email to %%email.unsub%% > > > Exchange List admin: [EMAIL PROTECTED] > > > To unsubscribe via postal mail, please contact us at: > > > Jupitermedia Corp. > > > Attn: Discussion List Management > > > 475 Park Avenue South > > > New York, NY 10016 > > > > > > Please include the email address which you have been > contacted with. > > > > > > > > > _________________________________________________________________ > > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > > Web Interface: > > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > > ext_mode=&lang=english > > > To unsubscribe send a blank email to %%email.unsub%% > > > Exchange List admin: [EMAIL PROTECTED] > > > To unsubscribe via postal mail, please contact us at: > > > Jupitermedia Corp. > > > Attn: Discussion List Management > > > 475 Park Avenue South > > > New York, NY 10016 > > > > > > Please include the email address which you have been > contacted with. > > > > > > > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=& > > lang=english > > To unsubscribe send a blank email to > > %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang=english > > To unsubscribe send a blank email to > > %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > ext_mode=&lang=english > To unsubscribe send a blank email to > %%email.unsub%% > Exchange List admin: [EMAIL PROTECTED] > To unsubscribe via postal mail, please contact us at: > Jupitermedia Corp. > Attn: Discussion List Management > 475 Park Avenue South > New York, NY 10016 > > Please include the email address which you have been contacted with. > > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
