Forgive me if I made a technical gaffe, but I was under the impression that
VPN clients are (or should be) designed to tunnel only locally originated
traffic. Certainly firewall-to-firewall VPN endpoints can route traffic, but
a client? The software I have looked at wants to charge you another license
fee to get this capability (Gauntlet and Lucent, for example). I didn't think
the client software was generally capable of it.
Maybe I could claim that my qualifier "good VPN client" includes only software
that doesn't allow routing. Or maybe I just stuck my foot in my mouth. :)
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Peter da Silva
> Sent: Wednesday, July 07, 1999 5:51 AM
> To: [EMAIL PROTECTED]
> Subject: Re: DSL/CableModem + dial-up = ???
>
>
> In article <004601bec810$013a9140$[EMAIL PROTECTED]>,
> Mike Batchelor <[EMAIL PROTECTED]> wrote:
> >Deepsixing the term server is actually a pretty good idea, and may
> have a good
> >chance of flying if you pitch a good VPN product as its replacement.
>
> How does a VPN product change the exposure? Either way the user's machine
> is simultaneously on the Internet and on the company lan... whether the
> second network connectin is through an encrypted tunnel or a DUN connection
> to a terminal server doesn't seem to make any useful difference.
>
> No, from a security standpoint a VPN is exactly the same as any other dual-
> homed setup. You'd get better security by recognising this and providing a
> DMZ for your modem pool or the "inside" end of the VPN, with only those
> resources your dialup users need to have access to exposed.
>
> --
> In hoc signo hack, Peter da Silva <[EMAIL PROTECTED]>
> `-_-' Ar rug tu barrog ar do mhactire inniu?
> 'U` "Be vewy vewy quiet...I'm hunting Jedi." -- Darth Fudd
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
