Great Circle Associates Firewalls
(March 1993)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Appletalk through firewalls.
From: davidl @ Newbridge . COM (David Law)
Date: Mon, 1 Mar 93 13:40:25 EST
To: firewalls @ GreatCircle . COM

> 
> > I find the request to permit AppleTalk through your firewall somewhat
> > mystifying.  How are people planning to get AppleTalk to your network?
> > No network provider that I know of is routing AppleTalk so who would be
> > using this hole in your firewall, and how would they get AppleTalk packets
> > to your firewall?
> 
> 
> Well, in a slightly different situation, it's possible. We will have an
> AppleTalk Remote Access server installed. This allows people to dialup to
> our network from a Macintosh, and access all net services as though they
> were a local user.
> 
> Now, I don't trust Apple's login/password stuff, since (as always) people
> often chose insecure passwords. So, I'd like to be able to restrict access
> to the network from the ARA server. The ideal solution would be an AppleTalk
> firewall, if such a beast is even possible.
> 
> Failing that, I'll have to completely disable routing from the ARA server to
> the internal net, and put all the servers on a touchdown network outside our
> routers... Yuck.
> 

I think ARA is definitely the way to go but as metioned, Apple's passwd/login 
stuff is easily bi-passed. Caymen, however, does make an ARA box which can be 
used with Secure ID. It's probably worth looking into if you really need remote
access for the Macs.

David Law - Systems Administration      Internet: davidl @
 Newbridge .
 COM
Newbridge Networks Corp.                          postmaster @
 Newbridge .
 COM
PO Box 13600 600 March Road,            Tel: (613) 591-3600
Kanata Ontario, Canada K2K 2E6          Fax: (613) 591-3680



Follow-Ups:
Indexed By Date Previous: Re: Appletalk through firewalls.
From: chk @ alias . com (C. Harald Koch)
Next: Re: WAIS: an overview
From: Brent Chapman <brent @ GreatCircle . COM>
Indexed By Thread Previous: Re: Appletalk through firewalls.
From: chk @ alias . com (C. Harald Koch)
Next: Re: Appletalk through firewalls.
From: Leland K. Neely <lkn @ llnl . gov>

Google
 
Search Internet Search www.greatcircle.com