This question was asked sometime ago by somebody else but got only one response from the list. I am posting the question again in hopes of a second and perhaps a third or fourth opinion. The scenario is as follows; Users behind FW1-A were told to use Secure Remote to connect to FW1-B which belongs to another organization. Folks at FW1-B are asking that ports TCP 256, TCP 259, UDP 256, 137, 138, 139 on FW1-A to be opened for the users behind A to get to B. Questions; 1. Is it possible to compromise the network security behind FW-A using the VPN connection established between the users' clients and FW1-B? That is, can machines behind FW1-B get into the network behind FW1-A with this arrangement? 2. Why is it necessary to open ports 256, UDP 259, 137, 138, 139? What risks are involved with these ports opened? Any opinion from experts on this list is much appreciated. - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
