Thread: Securing VPN & Restrict Internet Access

  1. #1
    girldemsuga Guest

    Securing VPN & Restrict Internet Access

    I have an ADSL connection at two locations.
    I set up a VPN to link the two locations, and here is the thing: at one of the locations, the users must not be able to surf the internet.
    I am thinking of a couple of ways to get this done, like on the ADSL router, redirecting port 80 to a random port 80 for both traffic going in and out.
    Setting up a proxy server, but on the other hand, if the user goes into Internet Options, it is easy to bypass the proxy.
    More info about the network that is not to get internet:
    There are about 14 machines in the network,
    all machines log in to a Windows 2000 domain.
    The server assigns IP addresses for all machines on the network.
    Most of the workstations use Windows 98 for the OS (Windows 98 because of the software that has to be used on a daily basis).
    3 Windows XP workstations and 1 Windows 2000 workstation.

    Anyone got any ideas? Just wanted to know what you all think is best.

    Apart from all that, the ADSL is not yet plugged into the network, so all these machines are virgins to the internet, and no one is allowed to carry any CDs or diskettes to use in the machines (I'm not saying that it can't happen without me knowing), so there has never been a virus problem before.
    In other words, when the VPN is properly set up and the ADSL is plugged into the network, the security of all these machines has to be taken into consideration.

  2. #2

    First of all, set the default forwarding policy to drop packets on the firewall.
    Then set rules to allow through VPN traffic and other services you see as necessary.
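
Added example, not part of the thread and not any poster's code: a small Python model of first-match packet filtering that compares the "block port 80" idea from the first post with the default-drop forwarding policy suggested in reply #2. The subnets, addresses and sample flows are constructed for illustration, and no particular firewall product is assumed.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing (not from the thread): restricted site and remote VPN site.
LOCAL = ip_network("192.168.1.0/24")
REMOTE = ip_network("192.168.2.0/24")
ANY = ip_network("0.0.0.0/0")

def rule(action, src=ANY, dst=ANY, dport=None):
    return {"action": action, "src": src, "dst": dst, "dport": dport}

# Idea from the first post: forward everything, block only web port 80.
BLOCK_PORT_80 = {"default": "ACCEPT", "rules": [rule("DROP", src=LOCAL, dport=80)]}

# Idea from reply #2: drop by default, allow only site-to-site VPN traffic.
DEFAULT_DROP = {
    "default": "DROP",
    "rules": [rule("ACCEPT", src=LOCAL, dst=REMOTE),
              rule("ACCEPT", src=REMOTE, dst=LOCAL)],
}

def decide(policy, src, dst, dport):
    """Return the action of the first matching rule, else the default policy."""
    s, d = ip_address(src), ip_address(dst)
    for r in policy["rules"]:
        if s in r["src"] and d in r["dst"] and r["dport"] in (None, dport):
            return r["action"]
    return policy["default"]

# Constructed sample flows from one workstation on the restricted site.
FLOWS = [
    ("file share at remote site", "192.168.1.20", "192.168.2.5", 139),
    ("web, port 80", "192.168.1.20", "203.0.113.10", 80),
    ("web, port 443", "192.168.1.20", "203.0.113.10", 443),
    ("outside proxy, port 8080", "192.168.1.20", "198.51.100.7", 8080),
]

def compare():
    """Return (flow name, verdict under port-80 block, verdict under default drop)."""
    return [(name, decide(BLOCK_PORT_80, s, d, p), decide(DEFAULT_DROP, s, d, p))
            for name, s, d, p in FLOWS]

if __name__ == "__main__":
    for name, weak, strict in compare():
        print(f"{name:28} port-80 block: {weak:7} default drop: {strict}")
```

Because the decision is made at the gateway, the default-drop result does not depend on any browser or proxy setting on the workstations.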

  3. #3
    girldemsuga Guest

    Firewall

    Is there any particular firewall which you could recommend?

    NETWORK this side <== Internet Traffic

  4. #4

    Some routers can restrict internet access by IP addresses or MAC addresses. You are using DHCP on your server?

  5. #5
    girldemsuga Guest

    The DHCP server is Windows 2000 Server.

  6. #6

    You should use static IP on your network, more secure. What model and make of router will you be using?

  7. #7

    Recently set up something for a client using 2 Netgear VPN routers http://www.compusa.com/products/prod...353&pfp=BROWSE It all works too well because they have not called me since I did the installation and a firmware upgrade.

  8. #8
    girldemsuga Guest

    I'm not at the location now, so I don't remember what model router it is, but I know it's one of the SpeedTouch routers which Cable and Wireless sells.
