Doug (or some other Central VPN person), At this point I am blocking access to most ports on PCs in my Windows domain from sources outside of a short list of allowed IP ranges. These IP ranges basically consist of Physics and Astronomy "owned" static and DHCP addresses. To help outside users access the domain from a source outside the allowed range I run a VPN server of my own, but I've found that the VPN solution provided by Microsoft is sometimes not as reliable as I'd like. It would be helpful for me if you were to let us know the range of addresses that are assigned by the central VPN server so I can allow them through my IPSec policies. This way I can give my VPN users the option of using the central solution when it goes public. It seemed apparent from discussions at the last NAG meeting that other folks on campus are firewalling or otherwise blocking ports (or planning to do so soon) to machines in their specific departments, and they would also find this information helpful. If this information is already publicly available somewhere then feel free to find me and slap me at your earliest convenience. Jeff Bowes 1209A Biomedical Physical Sciences [log in to unmask] -----Original Message----- From: MSU Network Administrators Group [mailto:[log in to unmask]] On Behalf Of Doug Nelson Sent: Tuesday, January 20, 2004 7:03 AM To: [log in to unmask] Subject: [MSUNAG] Central VPN access server now available This is a followup to last Friday's meeting. We are now ready to announce the central campus VPN access service. Details on using the central VPN access can be found at: http://network.msu.edu/public/vpn/ For those of you who may not be familiar with the term VPN (Virtual Private Network), this server provides an access "tunnel" from your client computer to a remote network. This tunnel is intended to allow you to bypass restrictions which may be present at the network border, or those imposed by the various servers and services on the target network. In particular, at MSU, we are blocking the Microsoft networking protocols at MSU's border. Use of the central VPN access service will permit you to reach these services from your computer, when connected from locations off-campus. Doug Doug Nelson [log in to unmask] Network Manager Ph: (517) 353-2980 Computer Laboratory http://www.msu.edu/~nelson/ Michigan State University