RE: [NTSysADM] Exposure from VPN

[J- P]

not sure, But I will not be in control of the gateway policy if I understand 
correctly, it will be the remote domain /gateway host that would configure that.

 

 

 

 

 

 

 

 

 

 

Jean-Paul Natola

 

 
From: bill.m...@pittcountync.gov
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Exposure from VPN
Date: Wed, 17 Jul 2013 16:14:42 +0000









You can restrict the ability have the local drive show up through the policy on 
the RD Gateway, can you not?
 


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of Kennedy, Jim

Sent: Wednesday, July 17, 2013 12:07 PM

To: ntsysadm@lists.myitforum.com

Subject: RE: [NTSysADM] Exposure from VPN


 
Ahhh, I see. Don’t think you can limit your exposure in that scenario other 
than having her use a machine not in the domain…and on it’s own vlan or internet
 connection.
 


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of J- P

Sent: Wednesday, July 17, 2013 12:03 PM

To: ntsysadm@lists.myitforum.com

Subject: RE: [NTSysADM] Exposure from VPN


 

This would still expose our lan  would it not?

 

she remotes in, her local drives show up including her network drives (our lan 
shares), where's the security on our side?

 

I get than they can secure their network using rdgateway, but what protects me 
as I am not the gateway hoster/provider?



 

 

 

 

 

 

 

 

 

 

Jean-Paul Natola

 



 




From:
kennedy...@elyriaschools.org

To: ntsysadm@lists.myitforum.com

Subject: RE: [NTSysADM] Exposure from VPN

Date: Wed, 17 Jul 2013 15:54:04 +0000

Pptp absolutely not.  It is totally broken and insecure. MS has a KB somewhere 
saying stop using it.
 
We use remote desktop via Microsoft’s Remote Desktop Gateway. Very easy to 
setup and use and gives the user a desktop that is located in the remote 
domain..so
 all the settings..mapped drives…all show up.
 
http://technet.microsoft.com/en-us/library/cc731150.aspx
 
 


From:
listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of J- P

Sent: Wednesday, July 17, 2013 11:43 AM

To: ntsysadm@lists.myitforum.com

Subject: [NTSysADM] Exposure from VPN


 

Hi all,

 

We have an employee who works part time for 2 organizations which are located 
in the same building, now we are moving

and they want her to VPN in from our network to theirs, using traditional MS 
pptp- I'm not entirely comfortable with that idea , can someone suggest a more 
secure safer alternative

 

Or maybe someway of securing this type of connection as to reduce exposure of 
our LAN?

 

 

TIA

 

 

 

 

 

 

 

 

 

 

Jean-Paul Natola