Jeff Bowes writes: > At this point I am blocking access to most ports on PCs in my Windows > domain from sources outside of a short list of allowed IP ranges. These > IP ranges basically consist of Physics and Astronomy "owned" static and > DHCP addresses. To help outside users access the domain from a source > outside the allowed range I run a VPN server of my own, but I've found > that the VPN solution provided by Microsoft is sometimes not as reliable > as I'd like. > > It would be helpful for me if you were to let us know the range of > addresses that are assigned by the central VPN server so I can allow > them through my IPSec policies. This way I can give my VPN users the > option of using the central solution when it goes public. > > It seemed apparent from discussions at the last NAG meeting that other > folks on campus are firewalling or otherwise blocking ports (or planning > to do so soon) to machines in their specific departments, and they would > also find this information helpful. > > If this information is already publicly available somewhere then feel > free to find me and slap me at your earliest convenience. No, we haven't published this yet. I should put that on the VPN information pages. The VPN service will use IP's in the range 35.12.64.0 through 35.12.95.255. I'm sure we won't use all of those IP's, but I have reserved them for the VPN service. Doug Doug Nelson [log in to unmask] Network Manager Ph: (517) 353-2980 Computer Laboratory http://www.msu.edu/~nelson/ Michigan State University