I've been following the thread on FTP servers in the DMZ with interest.
I'm curious as to how it applies to a server providing VPN access using
Win2k Server's Routing and Remote Access.
Given that the VPN is supposed to give access to the private network to
external clients (who can authenticate) how can you avoid having at
least one interface on the local network? Surely the best you can do is
have one interface on the private network, and the other in a DMZ
(behind the firewall) - but you've still the problem if the VPN provider
is compromised!
How do you solve that one?
TIA - SecMan.
- RE: DMZ and VPN Security Manager
- RE: DMZ and VPN John Tolmachoff
- Re: DMZ and VPN Alberto Cozer
- RE: DMZ and VPN David Gillett
- Re: DMZ and VPN abretten
- Re: DMZ and VPN Chris Travers
- RE: DMZ and VPN Fields, James
