If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Windows XP Firewall and VPN
Hi everyone
ok here is my dilemma, we are working on creating a new firewall policy for our laptop users. Laptops are XP Pro with SP3 Domain environment is A.D. 2003 The policy requires the following: 1.) when the laptops are on the network/domain the firewall is set to a lower/less restrictive setting 2.) when the laptops are off the network/domain the firewall is set to the highest setting with no exceptions allowed for incoming traffic This part is easy. I have my policy in place on the laptops. When they are on the network/domain the firewall is set to a lower setting, I can ping then and RDP to them. When they are off the network for example at a starbucks or some sort of hotspot the firewall sets itself to the highest level. The laptop is pretty much in stealth mode So here is where my dilemma starts, while on a wireless connection at a hotspot I connect to my network through my VPN connection. At this point with in about 30 seconds my firewall reverts back to its lowest setting. And of course this is the right behavior, since the laptop sees the A.D. and it actually on the network/domain. But this is my concern if I am at a hotspot with my VPN on, I just opened up my laptop up in a public domain because my firewall lowered its setting. Is there a way with the Windows firewall or any other software firewall that does the following simultaneously? 1.) When at a public hotspot my firewall turns on to the highest setting for the hotspot assigned IP address. 2.) When I VPN from this hotspot have my firewall set to it lower setting for the VPN assigned IP. With this combination I have complete protection at the hotspot but at the same time I can remotely administer my laptop user when they are on our network/domain through the VPN. I have even tried using the firewall from our Trend Officescan and it will not work either. Their tech support told me its a feature the can not be supported at this time. I hope this makes sense. Luis -- Message posted using http://www.talkaboutsoftware.com/gro...ecurity_admin/ More information at http://www.talkaboutsoftware.com/faq.html |
Ads |
Thread Tools | |
Display Modes | |
|
|