[Klug-general] VPN Endpoints
MacGyveR
macgyver at thedumbterminal.co.uk
Wed Apr 8 21:55:17 UTC 2009
On Wednesday 08 Apr 2009, James Leighton wrote:
> Hi all,
>
> Quick Background:
>
> I want/need to be able to allow people X, Y, Z to VPN into one of our
> networks (Network 1), but only access the gateway of said network (to allow
> them to connect to another remote network (We'll call this network 2) (via
> VNC) which only allows the first network to connect!
>
> Basically:
>
> X ---> Network 2 (doesn't work due to security on network 2)
> but
> X --> VPN to network 1 --> Vnc to Network 2 is fine
>
> except, we only want them to access the gateway and no local resources on
> network 1!
>
> Ok, that background wasn't quick! Ah well :)
>
> Anyway, would my best course of action be to set up a VPN box with 2
> interfaces, acting as a NAT router on one and that terminates the VPN
> (which I'd forward through the router) on the other? Or is there a simpler
> solution?
>
> Thanks for any insights :) (And sorry If I made no sense at all!)
>
> James
Will i get flamed for suggesting the following:
get a cheap 2nd cisco plx from ebay, setup vpn on it and use the cisco vpn
client (works on windows and linux). then tell the pix to only allow you to
access the vnc port on network 2.
ps. why vnc?
--
--------------------------------
http://www.thedumbterminal.co.uk
More information about the Kent
mailing list