> Bottom line is that if you are considering doing NT to NT work at all
> (inter-domain stuff, administration, etc...) through a Firewall, it
> makes far more sense to do that within a PPTP tunnel than not because
> its a seemless connection that allows full MS Networking connectivity
> without a lot of kludging.
If you are allowing PPTP tunnelling thru the firewall to the PPTP
server,with that providing access to internal hosts, how is that
different than
multi-homing the PPTP server inside/outside? Are you thinking in terms
of protecting the PPTP server from "network level attacks" on the
Internet?
Either way, however, it seems the PPTP server is part of the "security
perimeter". Or in the paragraph above are you implying that the FW
would allow very restricted access to the PPTP server, eg doing the
PPTP tunnelling in conjunction with a FW user authentication scheme?
Hmmmm, PPTP within SecuRemote? :-)
--
Bill Heiser
mailto:bill @
bh .
org
http://www.bh.org
|
|
