× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



We use a CISCO device, and some CISCO client software on the PC's.  We had
split tunneling turned on, letting a workstation at home access our whole
network including the iSeries systems concurrently with access to the
internet via the cable modem.  Worked GREAT!  Speed and convenience were
excellent.  Better than being at the office.

Then our network group got scared over a story about the sub-seven trojan
getting stuff up and down the VPN tunnel and then up and down the internet
tunnel.  That made them turn off split tunneling and now when you connect to
our VPN it changes your IP address and it acts like a dial up.  Still
faster, but only dedicated to the VPN session.  Oh, and any file, printer or
what have you sharing behind your own firewall? <boom>  You've disappeared
from your own network and been assimilated into the work network.  Kills
backups from my laptop to my desktop hard drives, kills printer sharing,
etc.  GRRRR...  Now VPN is almost useless to me.  Lots of 'discussion' over
the business ethics of the company coming in to my network and changing
settings, basically protecting its network by attacking mine.   

-----Original Message-----
From: Vern Hamberg [mailto:vhamberg@centerfieldtechnology.com]
Sent: Tuesday, February 04, 2003 1:17 PM
To: Midrange Systems Technical Discussion
Subject: RE: VPN


Chuck, we have a LinkSys VPN appliance that acts as our firewall - low 
buck, I know, and there are other more secure options. That unit is exposed 
to the outside world. From home I use a VPN client on my W98 machine. 
Others have XP, which has IPSEC builtin and can be configured nicely for 
this router. The goal is to shut down everything and only allow VPN traffic 
into the internal network. This router uses essentially a password (shared 
secret), not a digital certificate, so it is more crackable than other 
systems. There are a number of architectures for firewall/VPN setups that 
I've seen - I like the integrated appliance approach, but others know the 
alternatives.

For us this is adequate. We've tried to understand, to some degree, anyway, 
our exposure, and are satisfied with the cost-risk-benefit of this setup. 
But please do not go with a solution until you've looked at the risks and 
the value of what you are protecting, and the cost of protecting it. 
There's no one-size-fits-all solution, IMO.

Cheers

Vern

At 02:00 PM 2/4/2003 -0500, you wrote:
>I am new to all of this (as of late last year and a VPN to allow our Sales
>folks to access our AS/400). As you note, this was not always supported.
>
>Our AS/400 isn't public and the VPN router sits behind a firewall. Is that
>of concern ?
>
>Thanks,
>
>Chuck
>


_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.