Firewall Wizards mailing list archives

Remote access problem

From: James X <scouser () paradise net nz>
Date: 03 Oct 2002 22:12:10 +1200

I need ideas for solving a remote access issue.

Problem:
Users in my organisation require a connection to an application running
on a server in a second organisation.
The solution they came up with was a IPSec tunnel terminating on a PIX
box at their end and the pcs of the users in my organisation.

My issues:
The tunnel terminates inside my network, therfore I have no way of
filtering the traffic in the tunnel. The will be using a cisco VPN
client.
Users need to be able to communicate with my network while the tunnel is
up so I can't just cut them off while they use this facility.
The second orgnaisation require the users to authenticate with their
server, so I can't just put up a gateway - gateway solution.
Any suggestions would be welcome.


To add the cream to the cake the timeframe is very tight, infact they
only thought my team (network security) might be interested a few weeks
before they planned to test this !! (when will people realise that
security conerns are best dealt with during design !)



_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Re: AIM Jim Seymour (Oct 01)
- <Possible follow-ups>
- Re: AIM Christopher Hicks (Oct 01)
  - Re: AIM Paul D. Robertson (Oct 01)
- RE: AIM Noonan, Wesley (Oct 01)
- RE: AIM Nieveler, Juergen (Oct 01)
  - RE: AIM Paul D. Robertson (Oct 01)
- RE: AIM Stiennon,Richard (Oct 01)
- RE: AIM Jim Seymour (Oct 01)
- RE: AIM Bill Olah (Oct 02)
  - Remote access problem James X (Oct 03)
  - RE: AIM kaptain (Oct 03)
    - RE: AIM Paul D. Robertson (Oct 03)