If this is the case:

"I believe the gentleman was referring to a VPN that would cause his
terminal services port to not remain open on the internet"

What we have done to circumvent this problem is this:

Set up RRAS to allow VPN connections and make sure it's working.

Set up RRAS packet filters to block outside connections to all ports except
the VPN (TCP 1723) (or additionally other ports needed to be connected to from
the real world).

Set up RRAS to allow connections to Terminal Server (TCP port 3389) from only
the IP addy's delegated when connecting to VPN.

This creates a situation where the Terminal Server will not show up and
cannot be connected to publicly.  The only port which will allow connections
from the real world is 1723 (VPN).  So, to access Terminal Server you must
VPN first, then open a terminal session.

If someone needs more specifics on how to set it up, let me know.

Chisholm Wildermuth
Systems Engineer
dbWebNet, Inc.


-----------------------------------------------------------------------
The opinions expressed here are my own and do not necessarily reflect those
of my employer.

-----Original Message-----
From: Peter Mueller [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, May 09, 2002 12:07 PM
To: 'Melameth, Daniel D.'; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Subject: RE: Low budget VPN?????

>       Windows 2000 Terminal Server supports 128-bit encrypted sessions
> "out-of-the-box"...

and

> Other than pushing a GUI over SSH (which I'm considering), what 
> would be a low or no cost VPN solution for me to log into my home 
> network (Windows based so I can connect to MS Terminal Server).

I would suggest an IPSEC
device, perhaps freeswan (http://www.freeswan.org) or kame
(http://www.kame.org).  If these aren't options then perhaps L2TP/PPTP
tunneling or an SSH tunnel will do the trick..

good luck

Peter
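
Added example, not part of either message: a simplified Python model of the filter policy described in the reply at the top of this thread (default drop, TCP 1723 open to everyone, TCP 3389 only from VPN-assigned addresses), with an audit that flags any rule exposing 3389 outside the VPN pool. The address pool and sample addresses are constructed, the GRE rule is an addition (PPTP carries its tunnel data over IP protocol 47 alongside TCP 1723), and this is not RRAS's own filter engine.

```python
import ipaddress

# Constructed values for illustration; substitute your own addressing.
VPN_POOL = ipaddress.ip_network("192.168.50.0/24")  # assumed pool handed to VPN clients
ANY = ipaddress.ip_network("0.0.0.0/0")

# Allow rules as (source network, IP protocol, destination port or None).
# A packet that matches none of them is dropped.
RULES = [
    (ANY, "tcp", 1723),       # PPTP control channel, open to the outside
    (ANY, "gre", None),       # PPTP tunnel data (IP protocol 47), no port concept
    (VPN_POOL, "tcp", 3389),  # Terminal Server, only from VPN-assigned addresses
]


def allowed(src, proto, dport=None, rules=RULES):
    """Return True if the packet matches an allow rule (default action: drop)."""
    addr = ipaddress.ip_address(src)
    for net, rule_proto, rule_port in rules:
        if addr in net and proto == rule_proto and rule_port in (None, dport):
            return True
    return False


def audit(rules, vpn_pool, protected_ports=(3389,)):
    """List rules that expose a protected TCP port to sources outside the VPN pool."""
    findings = []
    for net, proto, port in rules:
        covers_protected = port is None or port in protected_ports
        if proto == "tcp" and covers_protected and not net.subnet_of(vpn_pool):
            findings.append((str(net), proto, port))
    return findings


if __name__ == "__main__":
    # Constructed sample packets: (source address, protocol, destination port)
    samples = [
        ("203.0.113.7", "tcp", 3389),    # internet host straight to Terminal Server
        ("203.0.113.7", "tcp", 1723),    # internet host starting a PPTP session
        ("192.168.50.10", "tcp", 3389),  # VPN client opening a terminal session
    ]
    for src, proto, dport in samples:
        verdict = "forward" if allowed(src, proto, dport) else "drop"
        print(f"{src:>15} {proto}/{dport}: {verdict}")
    print("audit findings:", audit(RULES, VPN_POOL))
```

Running `audit` against an exported rule list after every change catches the common regression where a temporary "allow 3389 from anywhere" rule is left in place.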
