Lee Duynslager wrote:
> Has anybody out there configured a firewall on a msu server or machine to
> permit access via VPN?
>
> The reason I ask is that if you could provide me with the minimal list or
> range of IP addresses that will have to be added to the firewall rules so
> that users connecting via vpn can access that server?

Not sure I understand the problem/issue correctly, but a VPN is used to
avoid adding direct access to services to a remote IP address or range
of addresses.  For an IPSEC VPN, you would need to add rules on your
firewall to allow traffic from anywhere to PORT 500 UDP for Internet Key
Exchange (IKE) and then IP protocol 50 if you are using an ESP tunnel or
51 for AH.

Many VPNs will also provide firewall or policy capabilities, so from
there you could limit what internal services a remote VPN user could access.

Hope this helps,
dpk
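
The rules described in the reply above, written as an nftables ruleset for a Linux IPsec gateway. This is an added example, not part of the original message; the table name, the VPN client pool 10.99.0.0/24, and the internal server 192.0.2.10 on TCP 443 are assumptions chosen for illustration.

```nft
#!/usr/sbin/nft -f
# Constructed example. Addresses below are placeholders, not values from the thread.
define vpn_pool   = 10.99.0.0/24   # assumed address range handed to VPN clients
define app_server = 192.0.2.10     # assumed internal server VPN users may reach

table inet vpn_gateway {
    chain input {
        type filter hook input priority 0; policy drop;

        ct state established,related accept
        iifname "lo" accept

        # IKE key exchange: reachable from anywhere, as the reply describes.
        udp dport 500 accept

        # IPsec payload: IP protocol 50 (ESP) or 51 (AH), depending on the tunnel type.
        meta l4proto { esp, ah } accept

        # Management access (for example SSH from an admin network) would be
        # added here; it is left out because the thread does not cover it.
    }

    chain forward {
        type filter hook forward priority 0; policy drop;

        ct state established,related accept

        # Policy for remote users: only traffic that arrived through an IPsec
        # tunnel, from the client pool, to one service on one server.
        meta ipsec exists ip saddr $vpn_pool ip daddr $app_server tcp dport 443 accept

        # Everything else from VPN clients falls through to the drop policy.
    }
}
```

The input chain carries no per-client source addresses: remote users authenticate through IKE, and what they can reach afterwards is decided in the forward chain.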